AWS
Guardduty
Active GuardDuty threats: crypto-mining, credential exfiltration, unusual API patterns and more.
Live preview — demo data
What this pane shows
All active GuardDuty findings for the account: cryptocurrency-mining instances, credential exfiltration to known-bad IPs, unusual API behaviour patterns, instances communicating with command-and-control servers, and other detector categories. Severity (LOW / MEDIUM / HIGH), affected resource, first-seen and last-seen timestamps are shown.
Key use cases
- Daily security triage — new HIGH findings should never sit unread.
- Investigate a finding's full context (target, source IP, attack type) on one screen.
- Confirm GuardDuty is actually enabled and reporting in every region you care about.
- Track resolution progress on long-running findings.
How to embed
lp.js is the single-entry loader: it injects the shared LightPane runtime
(and sd-embed.css) once per page. Add this pane's own stylesheet and script;
the pane mounts itself wherever the matching <div> is in the DOM.
<!-- In <head> — this pane's stylesheet -->
<link rel="stylesheet" href="https://lightpane.io/_pane-tests/aws/guardduty/guardduty.css">
<!-- Your access key (inline, or set window.lpEmbed.accessKey from your own JS) -->
<script>window.lpEmbed = { accessKey: "<your-access-key>" };</script>
<!-- Where the pane should appear -->
<div class="lp-guardduty-panel" data-lp-account="<your-account-alias>"></div>
<!-- Before </body> — shared loader + this pane's script -->
<script src="https://lightpane.io/embed/lp.js"></script>
<script src="https://lightpane.io/_pane-tests/aws/guardduty/guardduty.js" defer></script>
Tier
Available on Explorer and above.
Build notes
Mock-only at the moment — live-wiring tracked in the roadmap.