Certified Security - Specialty

Sign Up Free or Log In to participate!

Similar solution

@Ryan, I found another AWS article with a solution for monitoring root account usage. This article was written in 2017 and it looks like the outcome is similar to the one provided in your video. What do you think will be the best solution to use? Thanks!

2 Answers

Hi, which article are you talking about? if you share it we might be able to answer.


Francois Boer

Hi Faye. Here we go: https://aws.amazon.com/blogs/mt/monitor-and-notify-on-aws-account-root-user-activity/ Sorry for not attaching the link in the previous post. I also reached out to AWS regarding the same issue and they recommended using GuardDuty for monitoring root account usage. The AWS articles were both written before the launch of GuardDuty. I would like to know your thoughts as well.

"Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail event logs, and DNS logs."

So in essence we are setting a CloudTrial event and AWS suggester to monitor it via Guardduty

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?