Amazon GuardDuty recently reduced the price of its threat detection offering for some users. This price change includes the addition of another volume discount tier and further optimization of its CloudTrail analysis. If you’re a high-volume user and want to learn about how this change might impact your use of Amazon GuardDuty, here’s some additional information.
About Amazon GuardDuty
Amazon GuardDuty is a program that continuously monitors AWS accounts, access keys, and other resources for malicious or unauthorized behavior, like cryptocurrency mining or infrastructure deployments in a previously unused region. The program is available globally and uses threat intelligence and machine learning to help AWS users more effectively protect their resources.
More specifically, the new top discount pricing tier for VPC Flow Log and DNS Log analysis is now at $0.15 per GB, which represents a 40 percent reduction from the previous top discount tier, which was $0.25 per GB. The new discount tier is meant for customers that generate over 10,000 gigabytes (GB) per month in VPC Flow Log and DNS log analysis.
There are a few additional pricing tier changes, which vary based on AWS region. You can check the Amazon GuardDuty website or your dashboard to see specifics about how the new tiers might impact your account, based on specific usage data.
Amazon GuardDuty also recently introduced another round of CloudTrail optimizations, which are meant to result in fewer events being processed for threat detection. Ultimately, this should lower the cost of GuardDuty customers across regions. Of course, specific cost changes will vary by customer based on their own specific log volume.
In addition, Amazon GuardDuty has increased its security detections by more than double, while also improving many of the existing detections. The ultimate goal of these changes is to improve accuracy and reduce alert volume for users.
Featured image: Freerange Stock