vault backup: 2025-08-24 22:06:47

aslamcodes · aslamcodes · commit 656125f16115 · 2025-08-24T22:06:47.000+05:30
diff --git a/aws/security & compliance/Guardduty.md b/aws/security & compliance/Guardduty.md
@@ -5,6 +5,7 @@ date: 19th July 2025
 done: false
 ---
 > Intelligent threat discovery to protect your AWS account, Uses ML algorithms, performs Anamaly detection on third party data
+
 **Input data**
 - CloudTrail Events logs - Unusual API calls, unauthorized deployments, Management events and data events
 - VPC flow logs - Unusual IP address and traffic
diff --git a/aws/security & compliance/detective/attachments/detective - overview-1755424919380.png b/aws/security & compliance/detective/attachments/detective - overview-1755424919380.png
diff --git a/aws/security & compliance/detective/detective - architectures.md b/aws/security & compliance/detective/detective - architectures.md
@@ -0,0 +1,6 @@
+---
+tags: 
+type: 
+date: 2025-08-17
+done: false
+---
diff --git a/aws/security & compliance/detective/detective - overview.md b/aws/security & compliance/detective/detective - overview.md
@@ -4,4 +4,6 @@ type:
 date: 2025-08-17
 done: false
 ---
-Identifying root cause of a security findings from [[security hub CSPM - overview|security hub]] could be complex and time consuming process. 
+Identifying root cause of a security findings from [[security hub CSPM - overview|security hub]] could be complex and time consuming process. Amazon detective will **work on the finding** and uses logs from VPC flow logs, Cloudtrail and uses ML and Graphs behind the scenes to produce a unified view
+
+![[detective - overview-1755424919380.png]]

-Original file line number
+Diff line change
@@ @@ -0,0 +1,6 @@ @@
 +---
 +tags:
 +type:
 +date: 2025-08-17
 +done: false
 +---