Amazon GuardDuty
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. With the cloud, the collection and aggregation of account and network activities is simplified, but it can be time consuming for security teams to continuously analyze event log data for potential threats. With GuardDuty, you now have an intelligent and cost-effective option for continuous threat detection in AWS. The service uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. GuardDuty analyzes tens of billions of events across multiple AWS data sources, such as AWS CloudTrail event logs, Amazon VPC Flow Logs, and DNS logs. With a few clicks in the AWS Management Console, GuardDuty can be enabled with no software or hardware to deploy or maintain. By integrating with Amazon CloudWatch Events, GuardDuty alerts are actionable, easy to aggregate across multiple accounts, and straightforward to push into existing event management and workflow systems.
Below are the cmdlets which are available with Amazon GuardDuty
| CmdletName | ServiceOperation |
| Add-GDResourceTag | TagResource |
| Backup-GDFinding | ArchiveFindings |
| Confirm-GDInvitation | AcceptInvitation |
| Deny-GDInvitation | DeclineInvitations |
| Disable-GDOrganizationAdminAccount | DisableOrganizationAdminAccount |
| Enable-GDOrganizationAdminAccount | EnableOrganizationAdminAccount |
| Get-GDDetector | GetDetector |
| Get-GDDetectorList | ListDetectors |
| Get-GDFilter | GetFilter |
| Get-GDFilterList | ListFilters |
| Get-GDFinding | GetFindings |
| Get-GDFindingList | ListFindings |
| Get-GDFindingStatistic | GetFindingsStatistics |
| Get-GDInvitationCount | GetInvitationsCount |
| Get-GDInvitationList | ListInvitations |
| Get-GDIPSet | GetIPSet |
| Get-GDIPSetList | ListIPSets |
| Get-GDMasterAccount | GetMasterAccount |
| Get-GDMember | GetMembers |
| Get-GDMemberList | ListMembers |
| Get-GDOrganizationAdminAccountList | ListOrganizationAdminAccounts |
| Get-GDOrganizationConfiguration | DescribeOrganizationConfiguration |
| Get-GDPublishingDestination | DescribePublishingDestination |
| Get-GDPublishingDestinationList | ListPublishingDestinations |
| Get-GDResourceTag | ListTagsForResource |
| Get-GDThreatIntelSet | GetThreatIntelSet |
| Get-GDThreatIntelSetList | ListThreatIntelSets |
| New-GDDetector | CreateDetector |
| New-GDFilter | CreateFilter |
| New-GDIPSet | CreateIPSet |
| New-GDMember | CreateMembers |
| New-GDPublishingDestination | CreatePublishingDestination |
| New-GDSampleFinding | CreateSampleFindings |
| New-GDThreatIntelSet | CreateThreatIntelSet |
| Remove-GDDetector | DeleteDetector |
| Remove-GDFilter | DeleteFilter |
| Remove-GDInvitation | DeleteInvitations |
| Remove-GDIPSet | DeleteIPSet |
| Remove-GDMember | DeleteMembers |
| Remove-GDPublishingDestination | DeletePublishingDestination |
| Remove-GDResourceTag | UntagResource |
| Remove-GDThreatIntelSet | DeleteThreatIntelSet |
| Restore-GDFinding | UnarchiveFindings |
| Send-GDMemberInvitation | InviteMembers |
| Start-GDMonitoringMember | StartMonitoringMembers |
| Stop-GDMonitoringMember | StopMonitoringMembers |
| Unregister-GDFromMasterAccount | DisassociateFromMasterAccount |
| Unregister-GDMember | DisassociateMembers |
| Update-GDDetector | UpdateDetector |
| Update-GDFilter | UpdateFilter |
| Update-GDFindingFeedback | UpdateFindingsFeedback |
| Update-GDIPSet | UpdateIPSet |
| Update-GDOrganizationConfiguration | UpdateOrganizationConfiguration |
| Update-GDPublishingDestination | UpdatePublishingDestination |
| Update-GDThreatIntelSet | UpdateThreatIntelSet |
You can also check other AWS Services, and each services cmdlets we are providing.
