07-27-2021 01:00 PM
I'm doing a cost analysis on multiple AWS security tools and Prisma Cloud Enterprise. From looking at the Prisma Cloud Admin Guide it looks like we can ingest logs from Amazon GuardDuty, AWS Inspector, and AWS Security Hub. Can Prisma Cloud Enterprise perform the same security functions as these tools or does it need to use these tools to perform their respective security functions?
For example, can Prisma Cloud Enterprise perform threat detection without the use of GuardDuty?
If Prisma Cloud Enterprise can perform threat detection without ingesting logs from GuardDuty is there a significant benefit to having threat detection from both Prisma Cloud Enterprise and GuardDuty?
Thanks!
08-11-2021 09:02 PM
Hi,
Amazon GuardDuty is a security monitoring service that analyzes and processes Virtual Private Cloud (VPC) Flow Logs and AWS CloudTrail event logs. GuardDuty uses security logic and AWS usage statistics techniques to identify unexpected and potentially unauthorized and malicious activity.
Prisma Cloud integrates with GuardDuty and extends its threat visualization capabilities. Prisma Cloud starts ingesting GuardDuty data, correlates it with the other information that Prisma Cloud already collects, and presents contextualized and actionable information through the Prisma Cloud app.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
