Service Screener | GUARDDUTY

Region	FlowLogs	CloudTrail	DnsLogs	S3Logs	Kubernetes AuditLogs	MalwareProtection ScanEc2InstanceWithFindings	Total
ap-southeast-1	$0.0000	$0.1121	$0.0000	$0.0001	$0.0000	$0.0000	$0.11220000000000001
us-east-1	$0.0000	$0.0031	$0.0000	$0.0181	$0.0000	$0.0000	$0.0212

IAMUser
- Impact:IAMUser/AnomalousBehavior
  - ap-southeast-1: (120), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Impact tactics. | (32 days ago), 14cd8866cb066fcb0e231d466f80bf44

IAMUser
- Persistence:IAMUser/AnomalousBehavior
  - ap-southeast-1: (36), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Persistence tactics. | (31 days ago), cccd88d074225cea4b1729402b7f991d
  - ap-southeast-1: (120), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Persistence tactics. | (32 days ago), aacd8866cae562d7909efa47cc141a73

IAMUser
- Discovery:IAMUser/AnomalousBehavior
  - ap-southeast-1: (120), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Discovery tactics. | (32 days ago), 42cd8866cb186a00e6094be4563982ed
  - us-east-1: (60), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Discovery tactics. | (32 days ago), d2cd886add557651ca2fda1f1b214730

S3
- Discovery:S3/AnomalousBehavior
  - us-east-1: (5), An API commonly used to discover S3 objects was invoked in an unusual way. | (32 days ago), 14cd889c99f230c07c50f6de8adca046