A company has enabled Amazon GuardDuty in all AWS Regions as part of its security monitoring strategy. In one of its VPCs, the company hosts an Amazon EC2 instance that works as an FTP server. A high number of clients from multiple locations contact the FTP server. GuardDuty identifies this activity as a brute force attack because of the high number of connections that happen every hour.
The company has flagged the finding as a false positive, but GuardDuty continues to raise the issue. A security engineer must improve the signal-to-noise ratio without compromising the company's visibility of potential anomalous behavior.
Which solution will meet these requirements?
100fold
Highly Voted 1 year, 1 month agoFunkyFresco
Most Recent 3 months, 2 weeks agoRaphaello
9 months agoWeepingMaplte
12 months agoDaniel76
1 year agoAamee
1 year ago