Today, Amazon Web Services (AWS) announces the availability of Amazon GuardDuty Malware Protection for Amazon EC2 in AWS GovCloud (US) Regions, enabling GuardDuty customers to detect the potential presence of malware by scanning the Amazon Elastic Block Store (Amazon EBS) volumes attached to Amazon Elastic Compute Cloud (Amazon EC2) instances and container workloads running on Amazon EC2. Malware scanning in GuardDuty does not any additional security software to be deployed and is designed to have no performance impact to running workloads. When potential malware is identified, GuardDuty generates actionable security findings with information related to the resource and the detected threat. Malware Protection for EC2 supports two methods of scanning: 1/ GuardDuty-initiated scans, which automatically initiates a malware scan when GuardDuty detects suspicious behavior indicative of malware on the instance, and 2/ On-demand scans, where you can initiate scan by providing the Amazon Resource Name (ARN) of the Amazon EC2 instance.

Tens of thousands of customers across many industries and geographies use GuardDuty. GuardDuty can identify unusual or unauthorized activity like cryptocurrency mining, access to data stored in Amazon Simple Storage Service (Amazon S3) from unusual locations, or unauthorized access to Amazon Elastic Kubernetes Service (Amazon EKS) clusters. If you’re new to GuardDuty, you can try it at no cost for 30 days on the AWS Free Tier.

To learn more and get started: