Amazon GuardDuty introduces GuardDuty Extended Threat Detection
News
AWS has announced Amazon GuardDuty Extended Threat Detection, a new capability for identifying sophisticated, multi-stage attacks across AWS environments.
- Uses AI and machine learning to correlate security signals across AWS services
- Detects complex attack sequences like credential compromise and data exfiltration
- Generates single, critical-severity findings with incident summaries and timelines
- Provides MITRE ATT&CK® tactic mapping and remediation recommendations
- Automatically enabled for all GuardDuty customers at no additional cost
- Available in all AWS commercial regions
The new feature helps security teams quickly identify and respond to critical threats by providing comprehensive, context-rich security insights.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Dec 2
2025
2025
Amazon GuardDuty adds Extended Threat Detection for Amazon EC2 and Amazon ECS
Dec 2
2025
2025
Amazon GuardDuty Extended Threat Detection now supports Amazon EC2 and Amazon ECS
Dec 2
2024
2024
Introducing Amazon GuardDuty Extended Threat Detection: AI/ML attack sequence identification for enhanced cloud security
Jun 17
2025
2025
Amazon GuardDuty Extended Threat Detection now supports Amazon EKS
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.