Configure Amazon GuardDuty within Stax

Stax Assurance configures Amazon GuardDuty on your behalf across your entire AWS Organization. By default, Stax takes three actions:

• Enables GuardDuty for all accounts within your AWS Organization

• Assigns the Security account as the delegated administrator

• Centralizes all findings within the Security account

Stax-managed GuardDuty creates an S3 bucket in your Logging account that stores exported GuardDuty findings. In addition, you can manage protection plans and configuration settings within your Stax-managed GuardDuty configuration. This includes:

• EKS Protection

• Lambda Protection

• Malware Protection

• RDS Protection

• S3 Protection

• Frequency for updated findings

It is important to note that when you configure these GuardDuty protection plans in Stax, the configuration is applied to all regions across all accounts. If you have existing configuration for individual accounts in individual regions, Stax cannot accommodate this.

See Using Stax-managed GuardDuty for guidance configuring GuardDuty in the Stas console, or the API docs for programmatic use.