AWS Security ChangesHomeSearch

AWS guardduty medium security documentation change

Service: guardduty · 2026-02-25 · Security-related medium

File: guardduty/latest/ug/malware-protection-backup-how-it-works.md

Summary

Extended rescan period for infected files from 90 to 365 days and updated base scan validity requirements

Security assessment

Extends malware detection window significantly, improving threat visibility. Directly enhances security documentation by updating operational parameters for malware protection.

Diff

diff --git a/guardduty/latest/ug/malware-protection-backup-how-it-works.md b/guardduty/latest/ug/malware-protection-backup-how-it-works.md
index cc2a37def..d63631e87 100644
--- a//guardduty/latest/ug/malware-protection-backup-how-it-works.md
+++ b//guardduty/latest/ug/malware-protection-backup-how-it-works.md
@@ -21 +21 @@ A full scan is where the API will accept a resource ARN and scan all the files w
-As part of an incremental scan, GuardDuty will also rescan the previously infected files from the base scan for up to 90 days.
+As part of an incremental scan, GuardDuty will also rescan the previously infected files from the base scan for up to 365 days.
@@ -27 +27 @@ The following requirements must be met for GuardDuty to perform an incremental s
-  * Base resource must be scanned within the last 90 days and the scan result must be in `COMPLETED` or `COMPLETED_WITH_ISSUES`.
+  * Base resource must be scanned within the last 365 days and the scan result must be in `COMPLETED` or `COMPLETED_WITH_ISSUES`.