AWS ArchiveFindings
Archives GuardDuty findings to suppress active security alerts from SOC visibility.
Tag: GuardDuty
GuardDuty
All events with tag GuardDuty.
AWS CreateFilter
Creates a GuardDuty finding filter that automatically suppresses or highlights findings matching specified criteria.
AWS CreateIPSet
Creates a GuardDuty IP set — a list of trusted or known malicious IP addresses used in threat intelligence.
AWS DeleteDetector
Disables and permanently deletes a GuardDuty detector in the region, stopping all threat detection.
AWS DeleteMembers
Removes member accounts from a GuardDuty administrator account, ending the delegated monitoring relationship.
AWS DisassociateFromMasterAccount
Disassociates the current account from its GuardDuty administrator account, ending the delegated monitoring relationship.
AWS DisassociateMembers
Disassociates specified member accounts from a GuardDuty administrator account.
AWS StopMonitoringMembers
Stops GuardDuty from monitoring specified member accounts under an administrator account.
AWS UpdateDetector
Updates the configuration of a GuardDuty detector, such as enabling or disabling specific threat detection data sources.
AWS UpdateFindingsFeedback
Updates the feedback status on GuardDuty findings, marking them as useful or not useful.
AWS UpdateIPSet
Modifies the IP addresses or CIDR ranges in a GuardDuty IP set used for threat intelligence.