A hard look at AWS GuardDuty shortcomings


Is GuardDuty all you need for AWS threat detection? We’ve asked our friend Rami McCarthy to dive into GuardDuty’s performance and consider the potential place for Canary Infrastructure.

While more isn’t always more in threat detection, the infrequent addition of new findings, when paired with the slow expansion of service support, paints a picture of GuardDuty only covering a few core parts of AWS’s growing attack surface and complexity. Unfortunately, the arithmetic for other features is very case-specific, the price is high, and the best projection model AWS offers involves using the 30-day free trial and checking the bill.[4] Finally, while GuardDuty’s machine learning models can occasionally filter out important findings, they bring along non-determinism and tend to struggle with low-volume, high-impact attacks[5].
