GuardDuty Lambda Protection should be enabled
Description
This control checks whether GuardDuty Lambda Protection is enabled. For a standalone account, the control fails if Lambda Protection is disabled in the account. In a multi-account environment, the control fails unless Lambda Protection is enabled in the delegated GuardDuty administrator account and in every member account; a single member account with the feature disabled is enough to fail the control. GuardDuty Lambda Protection helps you identify potential security threats when an AWS Lambda function is invoked. After you enable Lambda Protection (the feature is called Lambda Network Activity Monitoring, API name LAMBDA_NETWORK_LOGS), GuardDuty starts monitoring the network activity logs associated with the Lambda functions in your AWS account. When a function is invoked and GuardDuty sees network traffic that indicates potentially malicious code running in the function (for example, communication with a known command-and-control or cryptocurrency-mining endpoint), it generates a finding. Note that GuardDuty detectors are Regional: the feature must be enabled separately in each Region where you run Lambda functions.
Remediation
To enable GuardDuty Lambda Protection, turn on the Lambda Protection feature in GuardDuty for the account (and, in a multi-account environment, for the administrator account and all member accounts) in every Region in use.
Steps
- Open the Amazon GuardDuty console in the Region you want to configure
- In the left navigation, under 'Protection plans', choose 'Lambda Protection'
- Choose 'Enable' to turn on Lambda Network Activity Monitoring for the current account
- In a multi-account environment, from the delegated administrator account enable Lambda Protection for all existing member accounts and set it to auto-enable for new member accounts
- Repeat for each Region where Lambda functions run
- Verify that the Lambda Protection status shows 'Enabled' and that the Security Hub control reports PASSED on its next evaluation
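The same check and remediation can be scripted. The block below is an added example, not AWS's or Security Hub's own code: it applies the control's logic (standalone account, or administrator plus every member) to the Features list that the GuardDuty GetDetector and GetMemberDetectors APIs return, and enables LAMBDA_NETWORK_LOGS where it is missing using the UpdateDetector, UpdateMemberDetectors and UpdateOrganizationConfiguration call shapes from boto3. The `FakeGuardDuty` class, the detector ID and the account IDs are constructed so the demo runs offline; in real use, pass `boto3.client("guardduty")` in place of the fake.

```python
"""Evaluate and remediate the GuardDuty Lambda Protection control.

Added example, not AWS code. The boto3 call signatures (get_detector,
get_member_detectors, update_detector, update_member_detectors,
update_organization_configuration) are the real ones; the fake client and
account IDs below are constructed for an offline demo.
"""
from __future__ import annotations

FEATURE = "LAMBDA_NETWORK_LOGS"  # API name of Lambda Network Activity Monitoring


def feature_enabled(features: list[dict]) -> bool:
    """True only if the Features list contains LAMBDA_NETWORK_LOGS with Status ENABLED.
    A missing entry counts as disabled, which is how a never-configured member looks."""
    return any(f.get("Name") == FEATURE and f.get("Status") == "ENABLED" for f in features)


def evaluate(admin_features: list[dict], member_features: dict[str, list[dict]]) -> dict:
    """Control logic: PASS requires the admin detector and every member to be enabled.
    For a standalone account pass an empty member dict."""
    failing = sorted(a for a, feats in member_features.items() if not feature_enabled(feats))
    admin_ok = feature_enabled(admin_features)
    return {
        "status": "PASSED" if admin_ok and not failing else "FAILED",
        "admin_enabled": admin_ok,
        "failing_members": failing,
    }


def assess(gd, detector_id: str, member_account_ids=()) -> dict:
    """Query a GuardDuty client (boto3 or compatible) and evaluate the control."""
    admin = gd.get_detector(DetectorId=detector_id).get("Features", [])
    members: dict[str, list[dict]] = {}
    ids = list(member_account_ids)
    for i in range(0, len(ids), 50):  # GetMemberDetectors accepts at most 50 account IDs per call
        resp = gd.get_member_detectors(DetectorId=detector_id, AccountIds=ids[i:i + 50])
        for m in resp.get("MemberDataSourceConfigurations", []):
            members[m["AccountId"]] = m.get("Features", [])
    return evaluate(admin, members)


def remediate(gd, detector_id: str, failing_members=(), auto_enable_new_members: bool = False) -> None:
    """Enable the feature on the admin detector, on the listed members, and optionally
    for accounts that join the organization later (AutoEnable=ALL)."""
    enable = [{"Name": FEATURE, "Status": "ENABLED"}]
    gd.update_detector(DetectorId=detector_id, Features=enable)
    ids = list(failing_members)
    for i in range(0, len(ids), 50):
        gd.update_member_detectors(DetectorId=detector_id, AccountIds=ids[i:i + 50], Features=enable)
    if auto_enable_new_members:
        gd.update_organization_configuration(
            DetectorId=detector_id, Features=[{"Name": FEATURE, "AutoEnable": "ALL"}])


def _merge(existing: list[dict], updates: list[dict]) -> list[dict]:
    """Replace feature entries by Name, mimicking how UpdateDetector changes state."""
    names = {u["Name"] for u in updates}
    return [f for f in existing if f["Name"] not in names] + [dict(u) for u in updates]


class FakeGuardDuty:
    """Constructed stand-in for boto3's GuardDuty client; keeps per-account feature state."""

    def __init__(self, admin_features, members):
        self.admin, self.members, self.org_auto_enable = admin_features, members, None

    def get_detector(self, DetectorId):
        return {"Features": self.admin}

    def get_member_detectors(self, DetectorId, AccountIds):
        return {"MemberDataSourceConfigurations": [
            {"AccountId": a, "Features": self.members[a]} for a in AccountIds]}

    def update_detector(self, DetectorId, Features):
        self.admin = _merge(self.admin, Features)

    def update_member_detectors(self, DetectorId, AccountIds, Features):
        for a in AccountIds:
            self.members[a] = _merge(self.members[a], Features)

    def update_organization_configuration(self, DetectorId, Features):
        self.org_auto_enable = Features


def demo() -> tuple[dict, dict]:
    """Constructed multi-account state: admin enabled, one member enabled, one disabled,
    one with no feature entry at all. Returns the verdict before and after remediation."""
    gd = FakeGuardDuty(
        admin_features=[{"Name": FEATURE, "Status": "ENABLED"},
                        {"Name": "EBS_MALWARE_PROTECTION", "Status": "DISABLED"}],
        members={"111111111111": [{"Name": FEATURE, "Status": "ENABLED"}],
                 "222222222222": [{"Name": FEATURE, "Status": "DISABLED"}],
                 "333333333333": []},
    )
    detector_id = "12abc34d567e8fa901bc2d34e56789f0"  # made-up detector ID
    before = assess(gd, detector_id, gd.members)
    remediate(gd, detector_id, before["failing_members"], auto_enable_new_members=True)
    after = assess(gd, detector_id, gd.members)
    return before, after


if __name__ == "__main__":
    b, a = demo()
    print("before:", b)  # FAILED, failing_members 222... and 333...
    print("after:", a)   # PASSED
```

Run `assess()` once per Region with a client for that Region; a detector that passes in us-east-1 says nothing about eu-west-1. The auto-enable step matters in organizations: without it, every account that joins later starts with the feature off and reopens the finding.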