Hi, I'm Matthew, and I'll be your AI voiceover companion for this video. I'm thrilled to announce the launch of a new Amazon GuardDuty feature that will help organizations better protect data in the cloud: Amazon GuardDuty Malware Protection for S3. In today's threat landscape, safeguarding your data in the cloud is more important than ever. This new capability allows you to scan your S3 buckets to detect malware from untrusted sources.
We know that data stored in the cloud can come from various sources, not all entirely trustworthy. GuardDuty leverages advanced threat detection capabilities to continuously monitor your S3 objects and identify any potential malware threats. When GuardDuty detects malware, it can tag objects, enabling downstream orchestration like automated quarantining to prevent malware spread and further damage to your critical data. The tagging also provides visibility into flagged files for further investigation by your security team.
GuardDuty is a fully managed AWS service, meaning there's no infrastructure for you to deploy or maintain. AWS handles all underlying resources, scaling, and updates required for malware detection and remediation. This lets your team focus on your core business instead of managing security operations.
The setup is straightforward and seamless, requiring minimal configurations for both application developers and your security team. Integration with your existing S3 buckets is quick, allowing you to start benefiting from this additional protective layer in just a few clicks, either using the console or CloudFormation.
GuardDuty provides highly contextualized findings when it detects potential malware by offering metadata about the impacted S3 bucket, the specific S3 object, and malware details. GuardDuty uses continuously updated malware signature lists. Any detected malware's generated alert contains contextual information about its category, S3 bucket metadata, and other scan-related information. GuardDuty provides scalable bucket-level monitoring, automatically scaling to handle even the largest data volumes in your S3 environment.
Crucially, GuardDuty also quarantines identified malware to prevent further damage. The agentless malware scanning solution relieves you of complexity in managing, operating, and incurring overhead of underlying compute infrastructure. This allows application teams to focus on business logic while securing applications uploading untrusted data to S3 buckets.
Now, let's dive deep into the console with a demo.
Enable S3 Malware Protection:
Test with a Sample Malware File:
Examining Findings:
Object Isolation Example:
GuardDuty S3 malware scanning offers a free tier for existing accounts until June 11, 2025, and for new accounts without an end date. The free tier includes 1,000 PUT requests and 1 GB of free usage every month for the first 12 months. Once these thresholds are surpassed, charges are based on $ 0.60 per GB and $ 0.215 per 1,000 PUT requests in US East. Always check the GuardDuty pricing page for your specific regions and updates.
This feature is unique because it can be used standalone and doesn't require any other GuardDuty features to be enabled, offering a highly secure solution with cost-effective, scalable pricing.
Want to learn more? Attend an AWS Activation Day. These free events provide hands-on, instructor-led training for those new to AWS cloud services. Reach out to your account team or email amazonguardduty@amazon.com for more information.
Thanks for watching. It's a bad day to be malware.
1. What is Amazon GuardDuty Malware Protection for S3? Amazon GuardDuty Malware Protection for S3 is a new feature that allows organizations to scan their S3 buckets to detect malware from untrusted sources, enhancing data protection in the cloud.
2. How does GuardDuty detect and handle malware? GuardDuty continuously monitors S3 objects for potential malware threats. When detected, it tags the object for downstream orchestration, such as automated quarantining, to prevent malware spread or further damage.
3. Is there any infrastructure I need to maintain for GuardDuty? No, GuardDuty is a fully managed AWS service. AWS handles all underlying resources, scaling, and updates required for malware detection and remediation.
4. How easy is it to set up GuardDuty Malware Protection for S3? The setup is straightforward and requires minimal configurations. Integration with existing S3 buckets is quick, allowing organizations to benefit from this protective layer with just a few clicks.
5. How does GuardDuty present its findings? GuardDuty provides detailed, highly contextualized findings that include metadata about the impacted S3 bucket, the specific S3 object, malware details, and assessment severity.
6. What are the pricing details for GuardDuty S3 malware scanning? There is a free tier available that includes 1,000 PUT requests and 1 GB of free usage every month for the first 12 months. After surpassing these thresholds, charges are $ 0.60 per GB and $ 0.215 per 1,000 PUT requests, with regional variances in pricing.
7. How can I learn more about using GuardDuty effectively? Attend an AWS Activation Day for hands-on, instructor-led training. These events provide interactive workshops and guided exercises to help you design, deploy, and manage applications on the AWS cloud.
In addition to the incredible tools mentioned above, for those looking to elevate their video creation process even further, Topview.ai stands out as a revolutionary online AI video editor.
TopView.ai provides two powerful tools to help you make ads video in one click.
Materials to Video: you can upload your raw footage or pictures, TopView.ai will edit video based on media you uploaded for you.
Link to Video: you can paste an E-Commerce product link, TopView.ai will generate a video for you.