Threat Detection
Security services and tools for identifying, monitoring, and responding to potential threats and malicious activities in cloud environments.
| Name | Description | Link |
|---|---|---|
| AWS GuardDuty | Threat detection service that continuously monitors for malicious activity and unauthorized behavior. | AWS GuardDuty |
| Azure Defender | Advanced threat protection for workloads in Azure, now part of Microsoft Defender for Cloud. | Azure Defender |
| Chronicle Security (Google) | Google Cloud's threat detection and response platform. | Chronicle Security |
Threat Detection Fundamentals
Types of Threats
- External threats - Attacks from outside the organization
- Internal threats - Malicious or negligent insiders
- Advanced persistent threats (APTs) - Sophisticated, long-term attacks
- Zero-day exploits - Attacks using unknown vulnerabilities
- Supply chain attacks - Compromised third-party components