Amazon GuardDuty Tester Logo

Amazon GuardDuty Tester

0
Free
Visit Website

This repository contains scripts and guidance that can be used as a proof-of-concept to generate Amazon GuardDuty findings related to real AWS resources. There are multiple tests that can be run independently or together depending on the findings you are looking to generate. These scripts do not generate examples for every possible GuardDuty finding type but do help provide insight that can help in understanding how to view and respond to GuardDuty findings for resources deployed in your environment. It is recommended that these tests be deployed in a non-production account to ensure that findings generated by these tests can be clearly identified. Additionally, the permissions to deploy these tests are quite broad and using a non-production account helps to ensure that these permissions are contained to an account where the impact of these permissions is reduced. The following tests are available in this repository: Findings related to EC2 instances and Malware protection, Findings related to EKS clusters on EC2 using Kubernetes Audit Logs and EKS Runtime protection, Generating findings related to EC2 instances and Malware protection.

FEATURES

ALTERNATIVES

AWS Scout2 is a security tool for AWS administrators to assess their environment's security posture.

Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.

A tool for spinning up insecure AWS infrastructure with Terraform for training and security assessment purposes.

A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.

Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.

Export Kubernetes events for observability and alerting purposes with flexible routing options.

A security toolkit for Amazon S3

Show the history and changes between configuration versions of AWS resources

PINNED