Amazon GuardDuty

2020/03/06 - 1 updated api methods

Changes   Amazon GuardDuty findings now include the OutpostArn if the finding is generated for an AWS Outposts EC2 host.

2020/03/05 - 1 updated api methods

Changes   Add a new finding field for EC2 findings indicating the instance's local IP address involved in the threat.

2019/11/15 - 5 new api methods

Changes   This release includes new operations related to findings export, including: CreatePublishingDestination, UpdatePublishingDestination, DescribePublishingDestination, DeletePublishingDestination and ListPublishingDestinations.

2019/08/09 - 1 updated api methods

Changes   New "evidence" field in the finding model to provide evidence information explaining why the finding has been triggered. Currently only threat-intelligence findings have this field. Some documentation updates.

2019/06/13 - 3 new 8 updated api methods

Changes   Support for tagging functionality in Create and Get operations for Detector, IP Set, Threat Intel Set, and Finding Filter resources and 3 new tagging APIs: ListTagsForResource, TagResource, and UntagResource.

2019/06/06 - 6 updated api methods

Changes   Improve FindingCriteria Condition field names, support long-typed conditions and deprecate old Condition field names.

2018/10/01 - 5 updated api methods

Changes   Support optional FindingPublishingFrequency parameter in CreateDetector and UpdateDetector operations, and ClientToken on Create* operations

2018/05/04 - 5 new 1 updated api methods

Changes   Amazon GuardDuty is adding five new API operations for creating and managing filters. For each filter, you can specify a criteria and an action. The action you specify is applied to findings that match the specified criteria.

2018/04/30 - 1 updated api methods

Changes   You can disable the email notification when inviting GuardDuty members using the disableEmailNotification parameter in the InviteMembers operation.

2018/02/12 - 1 updated api methods

Changes   Added PortProbeAction information to the Action section of the port probe-type finding.

2018/01/25 - 1 updated api methods

Changes   Added the missing AccessKeyDetails object to the resource shape.

2017/11/29 - 37 new api methods

Changes   Enable Amazon GuardDuty to continuously monitor and process AWS data sources to identify threats to your AWS accounts and workloads. You can add customization by uploading additional threat intelligence lists and IP safe lists. You can list security findings, suspend, and disable the service.