| > GuardDuty does what AWS says it will do What do you view as AWS' commitments around GuardDuty? I see pretty clear positioning by AWS of GuardDuty as a one-and-done solution for threat detection. Top level marketing claims include: * "Protect against ransomware and other types of malware" - which is why I looked at how viable GuardDuty would be against the most common form of S3 "ransomware" * "Detect suspicious activity in your generative AI workloads" - but they don't actually have coverage of the vast majority of GenAI Services * "Continuous monitoring across AWS accounts and workloads without added cost" - except the service is expensive (if worthwhile for the foundational data sources!) and has unpredictable costs > competing product/service I see canary infrastructure as complimentary to Guardduty (w/ foundational data sources) - which is explicitly stated in the piece! nb: I'm the author, in case it's non-obvious! |