Amazon GuardDuty also has the ability to perform remediation on findings through automation, and again, this uses Amazon CloudWatch Events to do so. From within Amazon CloudWatch, you can create a new rule, as in the previous demonstration, but instead of selecting EC2 for Service Name as we did earlier, you could select GuardDuty, and select GuardDuty Finding for Event Type, as shown here:
Again, you can configure your event target to then automatically implement a response, perhaps a Lambda function.
As you can see, using more than one service together can effectively help you actively monitor and detect security threats and vulnerabilities, as Amazon GuardDuty allows, and then implement mechanisms to automatically review and remediate a security issue—in this case, with a customized Lambda function.
Next, let's move on to another security service that helps us in automating our response to security incidents—AWS Security...