AWS GuardDuty Reviews

AWS GuardDuty is a monitoring solution. The product helps us in threat monitoring. It notifies us of illegitimate users or any other cyber attack scenarios.

The solution is easy to use. It is very tightly integrated. The insights provided by the tool are very informative. It is easy to work on the alerts created by the tool. It gives us more details on different scenarios. The product is doing well compared to other solutions.

It would be great if the solution had some automation capabilities. It should provide auto-remediation and threat handling with automation.

I have been using the solution since 2019.

I rate the product’s stability a nine out of ten.

I rate the tool’s scalability an eight out of ten. The product is scalable, but it needs a manual intervention. More than 100 people are using the solution in our organization.

The support is always great. The support team is pretty quick. Once we raise a concern, the team jumps into a call and resolves the issues. It hardly takes 15 to 20 minutes.

The initial setup is very simple.

We deployed the solution ourselves. We do not need help from a third-party vendor.

I rate the pricing a seven out of ten. The price of the solution is exactly right. It is neither high nor low. It is a pay-as-you-go model. The more number of accounts we integrate, the more the price will increase.

The product is unique to AWS. I would recommend the solution to others. Overall, I rate the product a ten out of ten.

We are only using it for a client's requirements; we are simply building it and selling it to the client.

Amazon GuardDuty is used on private infrastructure for our clients. The application is not publicly accessible; it is hosted internally.

GuardDuty has been used to set the CloudWatch alarms. Assume that both scans are detected, or something similar, we have just enabled CloudWatch alarms for those use cases so that any such use case is detected. The alert will be triggered, and we have configured and integrated Amazon GuardDuty with all of the other seven accounts to have the central HPU.

The correlation back end is the solution's most valuable feature. Like in the backend, it is collecting all the data, which I think is pretty interesting, and coordinating everything, which is another good thing.

While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved.

For example, suppose you want to know when an alert is sent to your mailbox. The information is in JSON format. It would be helpful if that could be sent to the mailbox in a human-readable format.

I believe it can be improved in a variety of ways. If we can build our own use cases instead of using Microsoft Sentinel alone, that would be ideal.

I have been using Amazon GuardDuty for two to three years.

I have used it for the last 12 months.

Amazon GuardDuty is a stable product.

Amazon GuardDuty is scalable.

We have not had any issues that required us to contact the GuardDuty AWS vendor. It's straightforward and effective.

The initial setup is straightforward. We simply click on the app, and that's it.

The deployment can be done in a few minutes. We don't have to spend a lot of time there. It will take some time, to integrate everything one by one, which is why we did it manually, otherwise everything else was straightforward.

Pricing is determined by the number of events sent. It's fine, and it's not a problem from our perspective.

My recommendation is to go for the master setup that will be beneficial to you.

There are some limitations where we cannot modify use cases to meet our needs; we must do additional work, such as setting up CloudWatch alarms and SNS, and things are not patched. There are some restrictions. I'll just suggest that you have some skilled resources with patching knowledge.

It's good, I would rate Amazon GuardDuty a seven out of ten.

I mainly use GuardDuty to check user responses, collect logs, and collect data on who logs in and out and their permission and authorization. 

Prior to using GuardDuty, we had multiple systems to collect data and put it in a centralized location so we could look into it. Now we don't need to do that anymore as GuardDuty does it for us.

The most valuable features are the single system for data collection and the alert mechanisms.

An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues. In the next release, I'd like Amazon to add a pane to visualize all seven layers of security.

I've been using GuardDuty for two to three years.

GuardDuty's stability is really good - we never see outages or falls in networking or BPC connections.

GuardDuty is really scalable, which is helping us to upscale our environment to the cloud. I really appreciate the scalability measures that Amazon is providing to all its customers.

We've had enormous support from the Amazon support team.

Positive

Previously, I used GCT.

GuardDuty is set up through a one-touch system, so the process was simple.

We used the AWS team to do our workload, publishing, and so on, so it took about a quarter of the time it would have otherwise.

We use a pay-as-you-use license, which is competitively priced in the market.

I'd rate GuardDuty as nine out of ten.

We use the tool for threat detection. AWS includes AI features as well. AWS GuardDuty gives us reports. 

AWS GuardDuty needs to be more customer-oriented. 

I have been working with the tool for three years. 

The tool is stable. 

AWS GuardDuty is scalable. We used the tool bi-weekly. 

I have not contacted customer support yet. 

The tool's setup is easy. You don't need any additional learning or resources to do it. You just need to enable AWS GuardDuty. The tool's deployment got completed in two to three minutes. 

The tool has no subscription charges. 

AWS GuardDuty is automated and gives alerts whenever there is an intrusion. AWS has a SMS service and you can get notifications through it if you subscribe. We have not encountered any performance issues. I would rate the tool a nine out of ten. 

Amazon GuardDuty is an AWS Managed Service. The product finds information related to potential security risks and detects our environment related findings. It is a service that helps administrators find anomalies in their environment, rectify those issues and make the environment more secure and safe.

For example, consider some S3 buckets; we have X server access login disabled and certain configurations which are recommended that we are not following that are certain IAM user regulates such as monitoring from the background. Amazon GuardDuty will give us anomaly data for that particular IAM user, advising that certain activity was suspicious.

In our environment, the most valuable feature is discovering the anomalous sign users because we have configured single sign-on in our environment, but there are some IAM users. Since our environment is cloud-based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing. Finding anything suspicious with AWS recommendations is helpful.

Amazon GuardDuty is limited to certain services. The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA. By being integrated with these services, it would be handy for users and save time.

I have been using Amazon GuardDuty for six months.

Amazon GuardDuty is service based not user-based. I can have a number of users in my system because the user management is turning the different services in AWS AIM direct access management.

We have four users of the solution. It is used by system administrators, cloud administrators, and architects. 

Amazon GuardDuty is an extra security measure. We have other security measures also implemented in our environment, such as our on-premise environment and network related securities. 

The initial setup of Amazon GuardDuty is fairly easy without much complexity.

Licensing of GuardDuty is part of the AWS license. The pricing model is pay as you go and is based on the number of events per month. When you first look at the price it seems reasonable but if you look at it holistically the cost can be improved.

At a very basic level, Amazon GuardDuty is a good tool. If you are looking for advanced security that would provide higher checks to secure their environment, this may not be enough. 

Certain checks only related to the AWS environment are good, but if you are integrated with other services like Salesforce or MuleSoft it is not a good solution.

I would rate GuardDuty a six out of 10 overall. 

I use AWS GuardDuty to monitor my AWS environment for potential security threats. It analyzes data from various sources like CloudTrail logs and VPC Flow Logs to detect malicious activity. GuardDuty provides insights into potential threats, categorizing them by severity levels, helping me prioritize and respond effectively. 

As I explore AWS GuardDuty, I find its features helpful for spotting threats in my AWS setup. With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential security risks. While I'm still new to using it and haven't faced many threats yet, I see how GuardDuty is crucial for beefing up my AWS security by catching and dealing with vulnerabilities early on.

One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions. It would be beneficial to have a knowledge bank where past findings and actions taken are stored, aiding in handling repeat incidents and providing historical precedence for new team members.

I have been using AWS GuardDuty for a year.

AWS GuardDuty is stable and responsive. I haven't encountered any glitches or stability issues, and the analytics are quick and reliable.

As a very small business in its initial stage, I find AWS GuardDuty to be scalable for our needs.

The tech support for AWS GuardDuty is good. The documentation and support resources available are clear and comprehensive, making it easy to set up and configure. I would rate it around nine out of ten.

Positive

GuardDuty is intuitive to use and the setup process is simple. There is not much complex configuration involved, which makes it easy to get started. Deploying AWS GuardDuty is straightforward with just a few steps, and it is all done within your AWS cloud account. As for maintenance, it is easy and there haven't been any issues or challenges.

The pricing and licensing for AWS GuardDuty are transparent and predictable, which I appreciate. While some may find it expensive at larger scales, for our small business, it is manageable and in line with expectations. AWS's pay-as-you-go model ensures we only pay for what we use, which is beneficial for budgeting.

GuardDuty helps by flagging unexpected or potentially unauthorized activity in my AWS environment. For instance, it alerts me when there is an API call from an unfamiliar IP address, which might indicate a security threat. However, in some cases, these alerts might be triggered by legitimate actions, such as employees working remotely from different locations using VPNs.

I find the anomaly detection and continuous monitoring features of AWS GuardDuty very effective. They give me peace of mind knowing that AWS is actively looking out for any abnormal behavior or traffic in my environment. In the past, for on-premises setups, I relied on different network tools for this, but in the cloud, GuardDuty takes care of it, sparing me from manual tasks like checking VPC logs. 

Integrating AWS GuardDuty with third-party tools seems straightforward, although I haven't done it yet myself. From what I have seen, getting GuardDuty data into AWS Security Hub appears to be a simple process, allowing for centralized security monitoring across multiple accounts. I'm considering enabling it and trying it out, especially since AWS offers a 30-day trial for Security Hub.

Overall, I would rate AWS GuardDuty as a ten out of ten.

We have been using AWS, and since we used a couple of tools, we decided to implement AWS GuardDuty for security purposes.

We are currently leveraging AWS GuardDuty quite often for security monitoring within our infrastructure.

I can discuss specific instances where AWS GuardDuty's automated response feature was very helpful for our security. It provides abrupt alerts, which has been a good feature.

AWS GuardDuty integrates seamlessly with third-party tools in our existing ecosystem, and we did not experience any challenges with integration.

AWS GuardDuty is currently meeting our needs concerning what could be improved.

In future updates of AWS GuardDuty, I would suggest implementing better UI features.

We have recently learned AWS GuardDuty, and we are trying to integrate it right now, as it has only been a few months.

When we deployed AWS GuardDuty, it proceeded smoothly without any difficulties or complexities.

On a scale from one to ten, I find AWS GuardDuty very stable, rating it approximately nine.

For scalability, AWS GuardDuty rates around eight on the same scale.

I have communicated with the technical support of AWS, and they are helpful and responsive.

On a scale from one to ten, I rate the technical support ten. They provided workshops and all services on time, which demonstrates their excellence.

Positive

The deployment of AWS GuardDuty required just a few hours to complete.

AWS GuardDuty has impacted our security operational costs, but we are still in the process and experimenting with it, so I'm not fully aware of the financial implications.

My team was experimenting with some tools and found AWS GuardDuty to be relatively better.

The solution can be utilized in public or private cloud environments, though I'm not fully aware of those details as my team manages the implementation.

We are not currently utilizing artificial intelligence in AWS GuardDuty to enhance its threat detection capabilities.

I would recommend AWS GuardDuty to other companies and businesses.

I rate AWS GuardDuty a nine out of ten.

We have over 1,000 employees, and we monitor their activity through AWS GuardDuty.

The solution's user interface could be improved because it will help users to understand multiple options. Currently, we have multiple options on AWS GuardDuty, which may confuse new users.

I have been using AWS GuardDuty for two years.

We faced some issues with AWS GuardDuty because sometimes we don't get proper loss from the solution.

I rate the solution an eight out of ten for stability.

I rate the solution ten out of ten for scalability.

The solution’s initial setup is not very difficult.

We have a whole bunch of information on various things in AWS GuardDuty.

Overall, I rate the solution a nine out of ten.