Ensure compliance by enabling GuardDuty as per high severity control 'guardduty-enabled'.
Rule | GuardDuty should be enabled |
Framework | NIST 800-171 Revision 2 |
Severity | ✔ High |
Rule Description:
The rule requires enabling GuardDuty for compliance with NIST 800-171 Revision 2. GuardDuty is a threat detection service offered by AWS that continuously monitors and analyzes account activities and AWS resource configurations for signs of malicious activity or unauthorized behavior.
Remediation Steps:
To enable GuardDuty for NIST 800-171 Revision 2 compliance, follow the steps below:
Step 1: Open GuardDuty Management Console
Step 2: Enable GuardDuty
Step 3: Configure GuardDuty
Step 4: Review and Respond to Findings
CLI Command:
If you prefer to use the AWS Command Line Interface (CLI) to enable GuardDuty, use the following command:
aws guardduty create-detector --enable
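Added example (not part of the original page or of AWS's own tooling): GuardDuty is enabled per Region, and create-detector is rejected when the Region already has a detector, so this script checks each Region passed as an argument and creates or re-enables the detector only where needed. The function names ensure_guardduty and detector_id, the script file name, and the output wording are assumptions of this example.

```shell
#!/bin/sh
# Added example: make sure GuardDuty is enabled in every Region named on the
# command line. Function names and output words are this example's own.

# Print the Region's detector ID, or "None" when no detector exists.
detector_id() {
  aws guardduty list-detectors --region "$1" \
    --query 'DetectorIds[0]' --output text
}

# Create, re-enable, or leave alone the detector in one Region.
ensure_guardduty() {
  local region id status
  region=$1
  id=$(detector_id "$region") || return 1

  if [ -z "$id" ] || [ "$id" = "None" ]; then
    # No detector yet: the page's command, pinned to one Region.
    aws guardduty create-detector --region "$region" --enable >/dev/null || return 1
    echo "$region created"
    return 0
  fi

  status=$(aws guardduty get-detector --region "$region" \
    --detector-id "$id" --query 'Status' --output text) || return 1

  if [ "$status" = "ENABLED" ]; then
    echo "$region already-enabled"
  else
    # A detector exists but is disabled; create-detector would be rejected.
    aws guardduty update-detector --region "$region" \
      --detector-id "$id" --enable >/dev/null || return 1
    echo "$region re-enabled"
  fi
}

# Usage (hypothetical file name): sh ensure-guardduty.sh us-east-1 eu-west-1
if [ "$#" -gt 0 ]; then
  rc=0
  for r in "$@"; do
    ensure_guardduty "$r" || rc=1
  done
  exit "$rc"
fi
```

The script exits non-zero if any Region could not be checked or changed, so it can gate a compliance pipeline step.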
Additional Notes:
Make sure to review and further understand NIST 800-171 Revision 2 compliance requirements specific to your organization. GuardDuty's continuous monitoring will aid in detecting threats and maintaining compliance with this standard.