AWS guardduty documentation change
Summary
Added three new Runtime Monitoring finding types to the active findings table related to sensitive file modifications.
Security assessment
This change updates the reference table to include new security findings for file modification detection. It enhances documentation of security monitoring features but doesn't address a specific security incident.
Diff
diff --git a/guardduty/latest/ug/guardduty_finding-types-active.md b/guardduty/latest/ug/guardduty_finding-types-active.md index a6184c467..6929f66a1 100644 --- a//guardduty/latest/ug/guardduty_finding-types-active.md +++ b//guardduty/latest/ug/guardduty_finding-types-active.md @@ -213,0 +214 @@ Finding type | Resource type | Foundational data source/Feature | Finding severi +[DefenseEvasion:Runtime/SensitiveFileModified](./findings-runtime-monitoring.html#defense-evasion-runtime-sensitive-file-modified) | Instance, EKS cluster, ECS cluster, or container | Runtime Monitoring | Medium @@ -233,0 +235 @@ Finding type | Resource type | Foundational data source/Feature | Finding severi +[Persistence:Runtime/SensitiveFileModified](./findings-runtime-monitoring.html#persistence-runtime-sensitive-file-modified) | Instance, EKS cluster, ECS cluster, or container | Runtime Monitoring | Medium @@ -239,0 +242 @@ Finding type | Resource type | Foundational data source/Feature | Finding severi +[PrivilegeEscalation:Runtime/SensitiveFileModified](./findings-runtime-monitoring.html#privilege-escalation-runtime-sensitive-file-modified) | Instance, EKS cluster, ECS cluster, or container | Runtime Monitoring | Medium