Join us for this hands-on lab where you learn about Amazon GuardDuty by walking through some real-world threat scenarios. Learn about the threat detection capabilities of GuardDuty and the available remediation options. We first go through a scenario where an Amazon EC2 instance is compromised, followed by one where IAM credentials are compromised. In each scenario, we look at a method to remediate the threat. We use the following services: AWS CloudFormation, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch events, Amazon SNS, Amazon S3, AWS Lambda, and, of course, Amazon GuardDuty. Be sure you have an AWS account to do the lab. This should be your own personal account and not an account through your company. We provide AWS credits to help cover any costs incurred during the lab.