AWS GuardDuty Reviews

Name: AWS GuardDuty
Brand: Amazon Web Services (AWS)
Rating: 4.1 (25 reviews)

Vendor: Amazon Web Services (AWS)

4.1 out of 5

25 reviews
92% willing to recommend

Leave a review

What is AWS GuardDuty?

AWS GuardDuty is a security service providing threat detection and continuous monitoring, integrating seamlessly with AWS services and third-party tools. Enhanced by machine learning, it offers comprehensive protection against unauthorized access and malicious activity within AWS environments.

Get the AWS GuardDuty Buyer's Guide and find out what your peers are saying about AWS GuardDuty, Wiz, SentinelOne Singularity Cloud Security and more!

AWS GuardDuty is the #3 ranked solution in Cloud Workload Protection Platforms. PeerSpot users give AWS GuardDuty an average rating of 8.2 out of 10. AWS GuardDuty is most commonly compared to Wiz: AWS GuardDuty vs Wiz. AWS GuardDuty is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 14% of all views.

Helped 892,678 peers since 2012

Featured AWS GuardDuty reviews

ShantanuKhare

Senior IT Auditor at Ernst & Young

I would assess the integration of AWS GuardDuty with Threat Intelligence as majorly positive; no threat intelligence is 100% accurate, and there are a few false positives, but as a security engineer, this must be accepted, and overall, the response and service is good for us. We do not directly use AWS GuardDuty dashboard by itself, as we have our own integrated security dashboard; AWS GuardDuty gives the feed to that dashboard, and it's giving us a satisfactory view of how the security landscape looks. We use metrics such as zero-day threats, any malicious traffic, and any traffic which originates from OFAC countries to measure its effectiveness, as we are majorly into a financial institution, as any traffic that is from a malicious IP or a rogue device. I don't see any significant negative points regarding AWS GuardDuty; it's a good product to have if you're a cloud consumer. I rate AWS GuardDuty nine out of ten overall.

Read full review

Abner Santos

Senior Security Analyst (AppSec) at ELETROBRAS

AWS GuardDuty is a great solution; I appreciate it because it's native for the Cloud provider, and I don't need to acquire other tools from another vendor. The great benefits of using AWS GuardDuty are that it is connected to all ecosystems from the AWS environment, and I can detect threats faster and locate all the information in a single tool. I don't need to access many tools or features to understand the incident. Another protection that I use is some EDRs for EC2 instances, and I have experimented with Orca Security and Cynap.

Read full review

Terence Dube

AWS Cloud Engineer at Standard Telephones and Cables

GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be useful, including more granular details in findings, such as specific user actions or historical comparisons, would be beneficial. Furthermore, managing global AWS environments requires setting up additional tools for viewing GuardDuty findings across multiple regions. A unified dashboard that aggregates findings across all regions without requiring manual aggregation could enhance convenience for users.

Read full review

AWS GuardDuty mindshare

As of May 2026, the mindshare of AWS GuardDuty in the Cloud Workload Protection Platforms (CWPP) category stands at 11.3%, down from 11.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
Product	Mindshare (%)
AWS GuardDuty	11.3%
Microsoft Defender for Cloud	14.0%
Wiz	9.8%
Other	64.9%

Cloud Workload Protection Platforms (CWPP)

PeerResearch reports based on AWS GuardDuty reviews

Type	Title	Date
Category	Cloud Workload Protection Platforms (CWPP)	May 4, 2026	Download
Product	Reviews, tips, and advice from real users	May 4, 2026	Download
Comparison	AWS GuardDuty vs Microsoft Defender for Cloud	May 4, 2026	Download
Comparison	AWS GuardDuty vs Wiz	May 4, 2026	Download
Comparison	AWS GuardDuty vs SentinelOne Singularity Cloud Security	May 4, 2026	Download

Valuable Features

AWS GuardDuty offers valuable features including integrated data collection, alert mechanisms, and cost-efficient monitoring across AWS accounts. Users find threat detection, anomaly behavior analysis, and seamless integration with existing AWS services valuable. Its ability to monitor anomalies in DNS, VPC flow, and CloudTrail logs aids in security and compliance, providing rapid notifications and automated responses against malicious activity. Users value its machine learning-powered threat detection and end-to-end visibility, enhancing AWS environment security.

"GuardDuty is really scalable, which is helping us to upscale our environment to the cloud, and I really appreciate the scalability measures that Amazon is providing to all its customers."
"Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."
"Amazon GuardDuty is a very good service, and we are not planning to change it any time soon."

Room for Improvement

AWS GuardDuty needs improvements such as mobile access, enhanced security analytics, and comprehensive dashboard features. Users want better integration with AWS services, increased threat intelligence, and improved cost efficiency. Automation and more effective user interfaces are desired, alongside better detection in container environments. Some users also seek unified dashboards for multi-region monitoring and integration with other security tools. Improved technical support and the ability to handle false positives effectively are also sought after.

"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues."
"If you are looking for advanced security that would provide higher checks to secure their environment, this may not be enough."
"Amazon GuardDuty could be better enriched in threat intelligence data."

ROI

AWS GuardDuty enhances threat detection, improving overall security posture and gaining customer trust, thus attracting more clients. It provides early threat notifications, reducing investigation time and costs. Users report satisfaction and continued use indicating a positive return. Time savings average around 40%, with significant improvements in response time. Although detailing financial implications remains ongoing, AWS GuardDuty has already improved security operations costs and shown a clear qualitative benefit in security and customer confidence.

Pricing

AWS GuardDuty pricing employs a pay-as-you-go model, making it competitive and flexible for varying organizational needs. Small businesses find it manageable, while larger enterprises may face higher costs. The model includes charges per gigabyte, with discounts at higher usage tiers. Clients appreciate its transparency, although some suggest improvements in cost-efficiency at larger scales. Pricing typically begins around $1 per GB or per million requests, deemed economical compared to competitors. GuardDuty is seamlessly integrated into AWS infrastructure.

"The tool's licensing model is pay-as-you-go."
"80 percent of the customers are using AWS GuardDuty, and we recommend it due to its low cost, especially for small customers, ranging from five to ten dollars a month. In our policies, we enforce the usage of this service, making it a recommended practice for security."
"It can get very expensive. If you turn on every feature, it can turn into hundreds of thousands of dollars."

Popular Use Cases

Organizations utilize AWS GuardDuty for threat detection, monitoring AWS accounts for suspicious activity, and compliance assistance. It helps identify potential security risks, detect anomalies, and safeguard AWS environments by analyzing logs and providing alerts on malicious activities. Companies often use it for monitoring user permissions, setting up CloudWatch alarms, and protecting infrastructure, including EC2 instances, S3 buckets, and Lambda functions, from unauthorized access, vulnerabilities, and cyber threats.

Service and Support

AWS GuardDuty support is highly responsive and effective. Many users have expressed satisfaction with AWS's swift resolution of queries through various channels, including chat, phone, and web support, with some rating it ten out of ten. Users appreciate the comprehensive documentation and availability of resources. Although there are minor delays and occasional variability in support quality, AWS's 24/7 access and commitment to resolving issues are valued, with few escalations needed.

Deployment

The initial setup of AWS GuardDuty is mostly described as straightforward and simple. Many mention a one-click process, requiring minimal resources and time for deployment. Users highlight that complexity can arise with certain integrations and specific architectural requirements. Configuring AWS environments, enabling Security Hub, and using infrastructure as code can present challenges. AWS GuardDuty's adaptability across multiple accounts and its ability to integrate with AWS environments are consistently praised.

Scalability

AWS GuardDuty is recognized for its impressive scalability, effectively supporting dynamic and growing cloud environments. It efficiently manages increased data volumes and adapts to changing network traffic. Many users appreciate its design, which allows seamless scaling across multiple accounts. Users consistently rate its scalability highly, often between eight and ten out of ten. It's adaptable for various demands and is considered essential for account management, making it suitable for both small businesses and larger organizations.

Stability

AWS GuardDuty demonstrates excellent stability with no significant outages or downtime. Many organizations report that GuardDuty operates smoothly in their production environments, even when integrating with CloudTrail and CloudWatch. Users often praise GuardDuty's reliability and rate its stability between eight and ten out of ten. Although some experience false positives, the tool remains highly dependable, backed by AWS's robust machine learning capabilities. Most users commend GuardDuty's quick analytics and overall responsiveness.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our AWS GuardDuty Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	3
Large Enterprise	13

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	270
Midsize Enterprise	177
Large Enterprise	641

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

14%

Computer Software Company

10%

Manufacturing Company

Government

Comms Service Provider

Retailer

Insurance Company

University

Healthcare Company

Outsourcing Company

Energy/Utilities Company

Construction Company

Media Company

Educational Organization

Marketing Services Firm

Transportation Company

Real Estate/Law Firm

Legal Firm

Non Profit

Hospitality Company

Consumer Goods Company

Performing Arts

Pharma/Biotech Company

Recreational Facilities/Services Company

Recruiting/Hr Firm

Aerospace/Defense Firm

Wholesaler/Distributor

Logistics Company

Compare AWS GuardDuty with alternative products

Learn more about AWS GuardDuty

GuardDuty offers behavior analysis and automated responses, utilizing multiple data sources like CloudTrail and VPC Flow Logs for thorough threat analysis. Its scalability and cost-effectiveness simplify the process of identifying suspicious activities, thereby protecting AWS environments from security threats. While users appreciate these features, there's room for improvement in expanded integrations, a more intuitive dashboard, and detailed threat intelligence. Key capabilities include facilitating compliance and enhancing cloud security by monitoring accounts, services, and detecting unusual patterns in real-time.

What are the key features of AWS GuardDuty?

Threat Detection: Identifies potential threats using behavior analysis and anomaly detection.
Continuous Monitoring: Provides round-the-clock surveillance of AWS environments.
Integration: Connects with AWS services and third-party tools for extended functionality.
Automated Responses: Facilitates immediate action against detected threats.

What benefits and ROI should users expect from AWS GuardDuty reviews?

Cost-Effectiveness: Offers scalable solutions without significant overhead costs.
Ease of Use: Simplifies threat detection and monitoring processes.
Scalability: Adapts to growing security needs efficiently.
Comprehensive Security: Protects AWS environments from unauthorized access and malicious activities.

Industries utilize AWS GuardDuty for robust security management, detecting threats and analyzing potential risks within AWS environments. This is crucial for sectors needing strict compliance and security, such as finance and healthcare, enabling these sectors to respond effectively to security events and maintain integrity.

AWS GuardDuty customers

autodesk, mapbox, fico, webroot

Product Categories

Cloud Workload Protection Platforms (CWPP)

Popular Comparisons

Wiz vs AWS GuardDuty

SentinelOne Singularity Cloud Security vs AWS GuardDuty

Microsoft Defender for Cloud vs AWS GuardDuty

CrowdStrike Falcon Cloud Security vs AWS GuardDuty

Orca Security vs AWS GuardDuty

TrendAI Vision One – Cloud Security vs AWS GuardDuty

Illumio vs AWS GuardDuty

Akamai Guardicore Segmentation vs AWS GuardDuty

Check Point CloudGuard CNAPP vs AWS GuardDuty

FortiCNAPP vs AWS GuardDuty

Aqua Cloud Security Platform vs AWS GuardDuty

Cisco Secure Workload vs AWS GuardDuty

Cortex Cloud by Palo Alto Networks vs AWS GuardDuty

Tenable Cloud Security vs AWS GuardDuty

Upwind vs AWS GuardDuty

See all alternatives

AWS GuardDuty Reviews Summary
Author info	Rating	Review Summary
Senior IT Auditor at Ernst & Young	4.5	I’ve used AWS GuardDuty for three years to detect threats and automate responses; it’s reliable and scalable, though integration could improve compared to Microsoft Sentinel. Despite being costly, overall, it’s a strong, effective security solution for our needs.
Senior Security Analyst (AppSec) at ELETROBRAS	4.5	I've extensively used AWS GuardDuty to detect threats and unauthorized access in my environment and appreciate its integration with the AWS ecosystem. While it's effective, I think container environment detections could be improved for services like Fargate and EKS.
AWS Cloud Engineer at Standard Telephones and Cables	4.5	I mainly use AWS GuardDuty to detect compromised EC2 instances and monitor threats in S3 buckets and Lambda functions. Its ease of use and cost-effectiveness are valuable, but improvements are needed for multi-region management and more detailed investigations.
DevOps Engineer at a consultancy with 10,001+ employees	4.0	I use AWS GuardDuty with AWS Security for detecting threats like brute force attacks and unauthorized SSH attempts. It's valued for its threat detection integration, though I wish it integrated with more AWS services. AWS's notifications improve response times significantly.
Cloud Engineer at Epsilon	4.0	I use AWS GuardDuty to continuously monitor AWS accounts and enhance security through intelligent threat detection and integration with other AWS services. Its machine learning capabilities are valuable, though the high cost needs improvement. Overall, it's crucial for detecting threats.
Security and Compliance Architect at a manufacturing company with 1,001-5,000 employees	4.5	I use AWS GuardDuty for effective threat detection and monitoring of AWS accounts, containers, and Amazon S3 buckets. It needs updates to handle evolving threats, but it significantly improves incident prevention, offering early notifications and valuable ROI.
Solutions architect at University of Helsinki	5.0	AWS GuardDuty serves as a basic threat detection tool within AWS's vast portfolio. While not my primary focus, it's a good starting point for endpoint protection. For larger scale needs, I would consider AWS Shield or third-party solutions.
Vice President at a financial services firm with 10,001+ employees	4.0	I use AWS GuardDuty to detect threats, valuing its S3 and malware protection features. However, improvements are needed in support response time and detection accuracy. Despite some challenges, our investment in GuardDuty appears to deliver satisfactory results.

Title	Rating	Mindshare	Recommending
Wiz	4.4	9.8%	97%	42 interviews Add to research
SentinelOne Singularity Cloud Security	4.4	4.9%	99%	123 interviews Add to research

AWS GuardDuty Reviews

What is AWS GuardDuty?

Featured AWS GuardDuty reviews

AWS GuardDuty mindshare

PeerResearch reports based on AWS GuardDuty reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare AWS GuardDuty with alternative products

Learn more about AWS GuardDuty

AWS GuardDuty customers

Related questions

Product Categories

Popular Comparisons