Reputation: 363
I have a Spring Boot application running on an EC2 instance in AWS. It basically exposes REST endpoints and APIs for other applications. Now I want to improve the security measures for my app, such as preventing DDoS attacks, blocking requests from malicious hosts, and using our own certificates for communications. I came across Amazon GuardDuty, but I don't understand how it will help in securing my app, and what are the alternatives? Any suggestions and guidelines are welcome.
Upvotes: 0
Views: 159
Reputation: 652
Amazon GuardDuty is simply a security monitoring tool akin to an Intrusion Detection System you may run in a traditional data center. It analyzes logs generated by AWS (CloudTrail, VPC Flows, etc.) and compares them with threat feeds, as well as uses machine learning to discover anomalies. It will alert you to traffic from known malicious hosts, but will not block. To do this you would need to use AWS Web Application Firewall or a third-party network appliance.
You get some DDoS protection just by using AWS. All workloads running in AWS are protected against Network and Transport layer attacks by AWS Shield. If you are using CloudFront and Route 53, you also get layer 3 and 4 protections.
You should be able to use your own certificates in AWS in a similar manner to how you would use them anywhere else.
Upvotes: 1
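The answer above notes that GuardDuty alerts on malicious hosts but does not block them. As an added example (not part of the original answer), this Python pulls the remote addresses out of GuardDuty findings in the event shape delivered to EventBridge and returns /32 CIDRs that could be reviewed for an AWS WAF IP set; the sample events, the severity threshold and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample events in the shape GuardDuty publishes to EventBridge.
# Addresses are documentation-range or private, not real indicators.
def _event(ftype, severity, action):
    return {"detail": {"type": ftype, "severity": severity,
                       "service": {"action": action}}}

def _conn(direction, ip):
    return {"networkConnectionAction": {"connectionDirection": direction,
                                        "remoteIpDetails": {"ipAddressV4": ip}}}

SAMPLE_EVENTS = [
    _event("Recon:EC2/PortProbeUnprotectedPort", 2, {"portProbeAction": {
        "portProbeDetails": [{"remoteIpDetails": {"ipAddressV4": "198.51.100.7"}},
                             {"remoteIpDetails": {"ipAddressV4": "203.0.113.9"}}]}}),
    _event("UnauthorizedAccess:EC2/SSHBruteForce", 5, _conn("INBOUND", "203.0.113.9")),
    _event("UnauthorizedAccess:EC2/SSHBruteForce", 5, _conn("INBOUND", "10.0.1.5")),
    _event("Backdoor:EC2/C&CActivity.B", 8, _conn("OUTBOUND", "192.0.2.44")),
]

# Internal ranges are never candidates for an edge block list.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def remote_ips(detail):
    """Yield remote IPv4 strings from findings about traffic arriving at the host."""
    action = detail.get("service", {}).get("action", {})
    net = action.get("networkConnectionAction", {})
    # Outbound findings name a destination; a WAF rule on inbound traffic cannot help.
    if net.get("connectionDirection") == "INBOUND":
        yield net.get("remoteIpDetails", {}).get("ipAddressV4")
    for probe in action.get("portProbeAction", {}).get("portProbeDetails", []):
        yield probe.get("remoteIpDetails", {}).get("ipAddressV4")

def block_candidates(events, min_severity=2):
    """Return sorted, de-duplicated /32 CIDRs to review for a WAF IP set."""
    found = set()
    for event in events:
        detail = event.get("detail", {})
        if detail.get("severity", 0) < min_severity:
            continue
        for raw in remote_ips(detail):
            try:
                ip = ipaddress.IPv4Address(raw)
            except ValueError:  # missing or malformed address field
                continue
            if not any(ip in net for net in RFC1918):
                found.add(ip)
    return [f"{ip}/32" for ip in sorted(found)]
```

AWS WAF attaches to an Application Load Balancer, CloudFront distribution or API Gateway rather than directly to an EC2 instance, so such a list only takes effect once one of those fronts the application.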