Introducing Amazon GuardDuty Extended Threat Detection: AI/ML attack sequence identification for enhanced cloud security
AWS News Blog
Amazon GuardDuty has introduced Extended Threat Detection, a new AI/ML-powered security feature that enhances cloud threat detection and response capabilities.
- Uses AI/ML to identify complex, multi-step attack sequences across cloud environments
- Introduces a new "critical" severity level for high-confidence threat findings
- Provides natural language threat summaries and MITRE ATT&CK framework mapping
- Offers prescriptive remediation recommendations
- Covers areas like credential exfiltration, privilege escalation, and data compromise
The feature is automatically enabled for all GuardDuty customers at no additional cost, helping organizations more efficiently detect and respond to sophisticated cloud security threats.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Dec 2
2024
2024
Amazon GuardDuty introduces GuardDuty Extended Threat Detection
Dec 2
2025
2025
Amazon GuardDuty Extended Threat Detection now supports Amazon EC2 and Amazon ECS
Dec 2
2025
2025
Amazon GuardDuty adds Extended Threat Detection for Amazon EC2 and Amazon ECS
Jun 17
2025
2025
Amazon GuardDuty expands Extended Threat Detection coverage to Amazon EKS clusters
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.