Clients of Amazon GuardDuty can use Recorded Future’s intelligence to reduce time to threat identification and remediation. By integrating solutions with Recorded Future, organizations can:
The Recorded Future and Amazon GuardDuty integration allows users to greatly reduce time to verdict while reviewing findings by:
The Recorded Future and Amazon GuardDuty integration allows users to upload a Recorded Future threat list of high-fidelity, known malicious IP addresses, including a Security Control Feed, into Amazon GuardDuty for correlation against client’s telemetry data.
As Amazon GuardDuty monitors activity across the users’ Amazon Web Services (AWS) accounts, the Recorded Future threat list will be correlated against to detect malicious IPs and generate findings for review.
Once alerts have been generated from the Recorded Future threat list, users are able to access valuable information under the Findings section in Amazon GuardDuty, including the malicious IP address and location details.
Additionally, using the Recorded Future Browser Extension, users can enrich the data in Amazon GuardDuty with Recorded Future’s security intelligence. The Recorded Future Browser Extension provides risk scores and evidence in real-time and allows users to open the Intelligence Card for the IP address in question to review additional context.