How GuardDuty Protects S3 from Malware
TechOps Examples
Hey, it's Govardhana MK.
Along with a use case deep dive, we identify the top news, tools, videos, and articles in the TechOps industry.
IN TODAY'S EDITION
Use Case
How GuardDuty Protects S3 from Malware
Top News
GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks
Videos
Monolith vs Microservices - Dave Farley - GOTO 2024
Kubernetes LoadBalancer Service for External Access
Resources
A Beginner's Guide to Using AWS CloudTrail
Git: avoid reset --hard, use reset --keep instead
TOOL OF THE DAY
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
USE CASE
How GuardDuty Protects S3 from Malware
Some of you may know, AWS launched Amazon GuardDuty Malware Protection for S3 on 11 Jun 24, and I've noticed increased interest from organizations exploring this option.
And this is how it typically flows:
GuardDuty continuously monitors S3 objects using advanced threat detection.
When malware is detected, GuardDuty tags the files to make them visible for further investigation.
The malware is automatically quarantined to prevent further spread.
EventBridge monitors these malware events.
Upon detection, EventBridge triggers Lambda for automation tasks.
Lambda automates actions like moving infected files to a quarantine bucket, logging the incidents for tracking, and notifying teams for prompt response.
When enabling malware protection in GuardDuty for your S3 buckets:
You can scan all objects in the S3 bucket, or
Limit the scan to objects with a specific prefix.
Make sure the permissions that GuardDuty requires to scan the buckets are configured in the IAM role policy.
Find IAM role policy instructions here.
Key Pointers You Should Know:
You can enable Malware Protection for S3 on S3 buckets in your own account, but as a delegated admin you cannot enable it for member accounts.
This feature is only available for S3 buckets in the same Region selected in the GuardDuty console; cross-Region buckets aren't supported.
Receive EventBridge notifications for plan status changes in member accounts' buckets.
Detects malicious file uploads in selected S3 buckets.
If GuardDuty is not enabled, you can still enable only Malware Protection for S3.
Scanned objects are tagged with GuardDutyMalwareScanStatus, which takes one of these values:
| Value | Meaning |
| --- | --- |
| NO_THREATS_FOUND | No threats detected |
| THREATS_FOUND | Potential threats detected |
| UNSUPPORTED | Scanning not supported |
| ACCESS_DENIED | Object access restricted |
| FAILED | Scanning unsuccessful |
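The EventBridge-to-Lambda step of the flow above, sketched as a Lambda handler that acts on the scan status values in the table. This is an added example, not code from the original post or from AWS. It assumes the event carries the object under detail.s3ObjectDetails and the status under detail.scanResultDetails; the bucket names, the quarantine key layout and the sample event are constructed for illustration.

```python
import json
QUARANTINE_BUCKET = "example-quarantine-bucket"  # hypothetical bucket name
DETAIL_TYPE = "GuardDuty Malware Protection Object Scan Result"  # assumed detail-type

# Constructed sample event (not captured from a real account).
SAMPLE_EVENT = {"source": "aws.guardduty", "detail-type": DETAIL_TYPE, "detail": {
    "s3ObjectDetails": {"bucketName": "example-uploads", "objectKey": "in/a.zip", "versionId": "v1"},
    "scanResultDetails": {"scanResultStatus": "THREATS_FOUND",
                          "threats": [{"name": "EICAR-Test-File"}]}}}

def parse_scan_result(event):
    """Return (bucket, key, version_id, status, threats), or None for unrelated events."""
    if event.get("source") != "aws.guardduty" or event.get("detail-type") != DETAIL_TYPE:
        return None
    detail = event.get("detail", {})
    obj = detail.get("s3ObjectDetails", {})
    result = detail.get("scanResultDetails", {})
    threats = [t.get("name", "unknown") for t in result.get("threats") or []]
    return (obj.get("bucketName"), obj.get("objectKey"), obj.get("versionId"),
            result.get("scanResultStatus"), threats)

def quarantine(s3, bucket, key, version_id):
    """Copy the scanned object to the quarantine bucket, then delete it at the source."""
    ref = {"Bucket": bucket, "Key": key}
    if version_id:
        ref["VersionId"] = version_id  # act on the exact version that was scanned
    dest_key = f"{bucket}/{key}"       # assumed layout: source bucket as key prefix
    s3.copy_object(Bucket=QUARANTINE_BUCKET, Key=dest_key, CopySource=ref)
    s3.delete_object(**ref)            # only reached if the copy succeeded
    return dest_key

def handle(event, s3):
    parsed = parse_scan_result(event)
    if parsed is None:
        return {"action": "ignored"}
    bucket, key, version_id, status, threats = parsed
    record = {"bucket": bucket, "key": key, "status": status, "threats": threats}
    if status == "THREATS_FOUND":
        record["quarantine_key"] = quarantine(s3, bucket, key, version_id)
        record["action"] = "quarantined"
    else:
        # UNSUPPORTED, ACCESS_DENIED and FAILED mean the object was never cleared.
        record["action"] = "none" if status == "NO_THREATS_FOUND" else "needs_review"
    print(json.dumps(record))  # incident log line (CloudWatch Logs when run in Lambda)
    return record

def lambda_handler(event, context):
    import boto3  # imported lazily so handle() can be exercised offline
    return handle(event, boto3.client("s3"))
```

The returned record can be passed to whatever notification channel the team uses. The function's role needs read and delete rights on the source bucket and write rights on the quarantine bucket.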
For further exploration:
Hope you find this use case helpful in your learning journey!