< Back to rules search
AWS EC2 Instance Probed by Scanner
Set up the guardduty integration.
Detect when an EC2 instance is being probed by a scanner.
This rule lets you monitor these GuardDuty integration findings:
Triage & Response
- This is typically an informative signal. However, if this instance should not be publicly available, you should review the security group for this instance.