Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.
# GuardDuty tipi di ricerca
Un risultato è una notifica che viene GuardDuty generata quando rileva un'indicazione di un'attività sospetta o dannosa all'interno dell'utente. Account AWS GuardDuty genera un risultato in un account che è stato abilitato. GuardDuty
Per informazioni sulle modifiche importanti ai tipi di GuardDuty risultati, inclusi i tipi di risultati appena aggiunti o ritirati, vedere[Cronologia dei documenti per Amazon GuardDuty](doc-history.md).
Per informazioni sui tipi di esiti che sono stati ritirati, consulta [Tipi di esiti ritirati](guardduty_finding-types-retired.md).
## GuardDuty ricerca dei tipi in base alle risorse potenzialmente interessate
Le pagine seguenti sono classificate in base al tipo di risorsa potenzialmente interessata associata a un risultato: GuardDuty
+ [Tipi di esiti EC2](guardduty_finding-types-ec2.md)
+ [Tipi di esiti IAM](guardduty_finding-types-iam.md)
+ [tipi di ricerca delle sequenze di attacco](guardduty-attack-sequence-finding-types.md)
+ [Tipi di risultati di protezione S3](guardduty_finding-types-s3.md)
+ [Tipi di risultati di protezione EKS](guardduty-finding-types-eks-audit-logs.md)
+ [Tipi di risultati del monitoraggio del runtime](findings-runtime-monitoring.md)
+ [Protezione da malware per tipi di ricerca EC2](findings-malware-protection.md)
+ [Protezione da malware per tipo di ricerca S3](gdu-malware-protection-s3-finding-types.md)
+ [Tipi di ricerca di Malware Protection for Backup](findings-malware-protection-backup.md)
+ [Tipi di esiti della Protezione RDS](findings-rds-protection.md)
+ [Tipi di esiti della Protezione Lambda](lambda-protection-finding-types.md)
## GuardDuty tipi di ricerca attivi
La tabella seguente mostra tutti i tipi di esiti attivi ordinati per origine dati o funzionalità fondamentale, a seconda dei casi. Nella tabella seguente, alcuni risultati hanno i valori della colonna *Finding severity* contrassegnati da un asterisco (\*) o da un segno più (\+):
\* Questi tipi di risultati hanno una gravità variabile. Un risultato di un tipo particolare può avere una gravità diversa a seconda del contesto specifico del risultato. Per ulteriori informazioni su un tipo di risultato, consulta la descrizione dettagliata.
\+ I risultati di EC2 che utilizzano i log di flusso VPC come fonte di dati non supportano il traffico IPv6.
| Tipo di risultato | Tipo di risorsa | Dati fondamentali source/Feature | Gravità dell'esito |
| --- | --- | --- | --- |
| [Discovery:S3/AnomalousBehavior](guardduty_finding-types-s3.md#discovery-s3-anomalousbehavior) | Simple Storage Service (Amazon S3) | CloudTrail eventi relativi ai dati per S3 | Bassa |
| [Discovery:S3/MaliciousIPCaller](guardduty_finding-types-s3.md#discovery-s3-maliciousipcaller) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [Discovery:S3/MaliciousIPCaller.Custom](guardduty_finding-types-s3.md#discovery-s3-maliciousipcallercustom) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [Discovery:S3/TorIPCaller](guardduty_finding-types-s3.md#discovery-s3-toripcaller) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Media |
| [Exfiltration:S3/AnomalousBehavior](guardduty_finding-types-s3.md#exfiltration-s3-anomalousbehavior) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [Exfiltration:S3/MaliciousIPCaller](guardduty_finding-types-s3.md#exfiltration-s3-maliciousipcaller) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [Impact:EC2/MaliciousDomainRequest.Custom](guardduty_finding-types-ec2.md#impact-ec2-maliciousdomainrequest-custom) | Amazon EC2 | Log DNS | Media |
| [Impact:S3/AnomalousBehavior.Delete](guardduty_finding-types-s3.md#impact-s3-anomalousbehavior-delete) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [Impact:S3/AnomalousBehavior.Permission](guardduty_finding-types-s3.md#impact-s3-anomalousbehavior-permission) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [Impact:S3/AnomalousBehavior.Write](guardduty_finding-types-s3.md#impact-s3-anomalousbehavior-write) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Media |
| [Impact:S3/MaliciousIPCaller](guardduty_finding-types-s3.md#impact-s3-maliciousipcaller) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [PenTest:S3/KaliLinux](guardduty_finding-types-s3.md#pentest-s3-kalilinux) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Media |
| [PenTest:S3/ParrotLinux](guardduty_finding-types-s3.md#pentest-s3-parrotlinux) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Media |
| [PenTest:S3/PentooLinux](guardduty_finding-types-s3.md#pentest-s3-pentoolinux) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Media |
| [UnauthorizedAccess:S3/TorIPCaller](guardduty_finding-types-s3.md#unauthorizedaccess-s3-toripcaller) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [UnauthorizedAccess:S3/MaliciousIPCaller.Custom](guardduty_finding-types-s3.md#unauthorizedaccess-s3-maliciousipcallercustom) | Simple Storage Service (Amazon S3) | CloudTrail eventi di dati per S3 | Elevata |
| [CredentialAccess:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#credentialaccess-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Media |
| [CredentialAccess:IAMUser/CompromisedCredentials](guardduty_finding-types-iam.md#credentialaccess-iam-compromisedcredentials) | IAM | CloudTrail eventi di gestione o eventi CloudTrail relativi ai dati per S3 | Elevata |
| [DefenseEvasion:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#defenseevasion-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Media |
| [DefenseEvasion:IAMUser/BedrockLoggingDisabled](guardduty_finding-types-iam.md#defenseevasion-iam-bedrockloggingdisabled) | IAM | CloudTrail eventi di gestione | Media |
| [Discovery:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#discovery-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Bassa |
| [Exfiltration:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#exfiltration-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Elevata |
| [Impact:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#impact-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Elevata |
| [InitialAccess:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#initialaccess-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Media |
| [PenTest:IAMUser/KaliLinux](guardduty_finding-types-iam.md#pentest-iam-kalilinux) | IAM | CloudTrail eventi di gestione | Media |
| [PenTest:IAMUser/ParrotLinux](guardduty_finding-types-iam.md#pentest-iam-parrotlinux) | IAM | CloudTrail eventi di gestione | Media |
| [PenTest:IAMUser/PentooLinux](guardduty_finding-types-iam.md#pentest-iam-pentoolinux) | IAM | CloudTrail eventi di gestione | Media |
| [Persistence:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#persistence-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Media |
| [Stealth:IAMUser/PasswordPolicyChange](guardduty_finding-types-iam.md#stealth-iam-passwordpolicychange) | IAM | CloudTrail eventi di gestione | Basso [*](#gdu-active-findings-variable-severity) |
| [UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration.InsideAWS](guardduty_finding-types-iam.md#unauthorizedaccess-iam-instancecredentialexfiltrationinsideaws) | IAM | CloudTrail eventi gestionali | Alto [*](#gdu-active-findings-variable-severity) |
| [Policy:S3/AccountBlockPublicAccessDisabled](guardduty_finding-types-s3.md#policy-s3-accountblockpublicaccessdisabled) | Simple Storage Service (Amazon S3) | CloudTrail eventi gestionali | Bassa |
| [Policy:S3/BucketAnonymousAccessGranted](guardduty_finding-types-s3.md#policy-s3-bucketanonymousaccessgranted) | Simple Storage Service (Amazon S3) | CloudTrail eventi di gestione | Elevata |
| [Policy:S3/BucketBlockPublicAccessDisabled](guardduty_finding-types-s3.md#policy-s3-bucketblockpublicaccessdisabled) | Simple Storage Service (Amazon S3) | CloudTrail eventi di gestione | Bassa |
| [Policy:S3/BucketPublicAccessGranted](guardduty_finding-types-s3.md#policy-s3-bucketpublicaccessgranted) | Simple Storage Service (Amazon S3) | CloudTrail eventi di gestione | Elevata |
| [PrivilegeEscalation:IAMUser/AnomalousBehavior](guardduty_finding-types-iam.md#privilegeescalation-iam-anomalousbehavior) | IAM | CloudTrail eventi di gestione | Media |
| [Recon:IAMUser/MaliciousIPCaller](guardduty_finding-types-iam.md#recon-iam-maliciousipcaller) | IAM | CloudTrail eventi di gestione | Media |
| [Recon:IAMUser/MaliciousIPCaller.Custom](guardduty_finding-types-iam.md#recon-iam-maliciousipcallercustom) | IAM | CloudTrail eventi di gestione | Media |
| [Recon:IAMUser/TorIPCaller](guardduty_finding-types-iam.md#recon-iam-toripcaller) | IAM | CloudTrail eventi di gestione | Media |
| [Stealth:IAMUser/CloudTrailLoggingDisabled](guardduty_finding-types-iam.md#stealth-iam-cloudtrailloggingdisabled) | IAM | CloudTrail eventi di gestione | Bassa |
| [Stealth:S3/ServerAccessLoggingDisabled](guardduty_finding-types-s3.md#stealth-s3-serveraccessloggingdisabled) | Simple Storage Service (Amazon S3) | CloudTrail eventi di gestione | Bassa |
| [UnauthorizedAccess:IAMUser/ConsoleLoginSuccess.B](guardduty_finding-types-iam.md#unauthorizedaccess-iam-consoleloginsuccessb) | IAM | CloudTrail eventi di gestione | Media |
| [UnauthorizedAccess:IAMUser/MaliciousIPCaller](guardduty_finding-types-iam.md#unauthorizedaccess-iam-maliciousipcaller) | IAM | CloudTrail eventi di gestione | Media |
| [UnauthorizedAccess:IAMUser/MaliciousIPCaller.Custom](guardduty_finding-types-iam.md#unauthorizedaccess-iam-maliciousipcallercustom) | IAM | CloudTrail eventi di gestione | Media |
| [UnauthorizedAccess:IAMUser/TorIPCaller](guardduty_finding-types-iam.md#unauthorizedaccess-iam-toripcaller) | IAM | CloudTrail eventi di gestione | Media |
| [Policy:IAMUser/RootCredentialUsage](guardduty_finding-types-iam.md#policy-iam-rootcredentialusage) | IAM | CloudTrail eventi di gestione o eventi CloudTrail relativi ai dati per S3 | Bassa |
| [Policy:IAMUser/ShortTermRootCredentialUsage](guardduty_finding-types-iam.md#policy-iam-user-short-term-root-credential-usage) | IAM | CloudTrail eventi di gestione o eventi CloudTrail relativi ai dati per S3 | Bassa |
| [UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration.OutsideAWS](guardduty_finding-types-iam.md#unauthorizedaccess-iam-instancecredentialexfiltrationoutsideaws) | IAM | CloudTrail eventi di gestione o eventi CloudTrail relativi ai dati per S3 | Elevata |
| [UnauthorizedAccess:IAMUser/ResourceCredentialExfiltration.OutsideAWS](guardduty_finding-types-iam.md#unauthorizedaccess-iam-resourcecredentialexfiltrationoutsideaws) | IAM | CloudTrail eventi di gestione o eventi CloudTrail relativi ai dati per S3 | Elevata |
| [AttackSequence:EKS/CompromisedCluster](guardduty-attack-sequence-finding-types.md#attack-sequence-eks-compromised-cluster) | Risorse coinvolte nella sequenza di attacco | [See the AWS documentation website for more details](http://docs.aws.amazon.com/it_it/guardduty/latest/ug/guardduty_finding-types-active.html) | Critica |
| [AttackSequence:IAM/CompromisedCredentials](guardduty-attack-sequence-finding-types.md#attack-sequence-iam-compromised-credentials) | Risorse coinvolte nella sequenza di attacco | CloudTrail eventi di gestione | Critica |
| [AttackSequence:S3/CompromisedData](guardduty-attack-sequence-finding-types.md#attack-sequence-s3-compromised-data) | Risorse coinvolte nella sequenza degli attacchi | CloudTrail eventi di gestione ed eventi CloudTrail relativi ai dati per S3 | Critica |
| [AttackSequence:ECS/CompromisedCluster](guardduty-attack-sequence-finding-types.md#attack-sequence-ecs-compromised-cluster) | Risorse coinvolte nella sequenza degli attacchi | [See the AWS documentation website for more details](http://docs.aws.amazon.com/it_it/guardduty/latest/ug/guardduty_finding-types-active.html) | Critica |
| [AttackSequence:EC2/CompromisedInstanceGroup](guardduty-attack-sequence-finding-types.md#attack-sequence-ec2-compromised-instance-group) | Risorse coinvolte nella sequenza di attacco | [See the AWS documentation website for more details](http://docs.aws.amazon.com/it_it/guardduty/latest/ug/guardduty_finding-types-active.html) | Critica |
| [Backdoor:EC2/C&CActivity.B\!DNS](guardduty_finding-types-ec2.md#backdoor-ec2-ccactivitybdns) | Amazon EC2 | Log DNS | Elevata |
| [CryptoCurrency:EC2/BitcoinTool.B\!DNS](guardduty_finding-types-ec2.md#cryptocurrency-ec2-bitcointoolbdns) | Amazon EC2 | Log DNS | Elevata |
| [Impact:EC2/AbusedDomainRequest.Reputation](guardduty_finding-types-ec2.md#impact-ec2-abuseddomainrequestreputation) | Amazon EC2 | Log DNS | Media |
| [Impact:EC2/BitcoinDomainRequest.Reputation](guardduty_finding-types-ec2.md#impact-ec2-bitcoindomainrequestreputation) | Amazon EC2 | Log DNS | Elevata |
| [Impact:EC2/MaliciousDomainRequest.Reputation](guardduty_finding-types-ec2.md#impact-ec2-maliciousdomainrequestreputation) | Amazon EC2 | Log DNS | Elevata |
| [Impact:EC2/SuspiciousDomainRequest.Reputation](guardduty_finding-types-ec2.md#impact-ec2-suspiciousdomainrequestreputation) | Amazon EC2 | Log DNS | Bassa |
| [Trojan:EC2/BlackholeTraffic\!DNS](guardduty_finding-types-ec2.md#trojan-ec2-blackholetrafficdns) | Amazon EC2 | Log DNS | Media |
| [Trojan:EC2/DGADomainRequest.B](guardduty_finding-types-ec2.md#trojan-ec2-dgadomainrequestb) | Amazon EC2 | Log DNS | Elevata |
| [Trojan:EC2/DGADomainRequest.C\!DNS](guardduty_finding-types-ec2.md#trojan-ec2-dgadomainrequestcdns) | Amazon EC2 | Log DNS | Elevata |
| [Trojan:EC2/DNSDataExfiltration](guardduty_finding-types-ec2.md#trojan-ec2-dnsdataexfiltration) | Amazon EC2 | Log DNS | Elevata |
| [Trojan:EC2/DriveBySourceTraffic\!DNS](guardduty_finding-types-ec2.md#trojan-ec2-drivebysourcetrafficdns) | Amazon EC2 | Log DNS | Elevata |
| [Trojan:EC2/DropPoint\!DNS](guardduty_finding-types-ec2.md#trojan-ec2-droppointdns) | Amazon EC2 | Log DNS | Media |
| [Trojan:EC2/PhishingDomainRequest\!DNS](guardduty_finding-types-ec2.md#trojan-ec2-phishingdomainrequestdns) | Amazon EC2 | Log DNS | Elevata |
| [UnauthorizedAccess:EC2/MetadataDNSRebind](guardduty_finding-types-ec2.md#unauthorizedaccess-ec2-metadatadnsrebind) | Amazon EC2 | Log DNS | Elevata |
| [Execution:Container/MaliciousFile](findings-malware-protection.md#execution-malware-container-maliciousfile) | Contenitore | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:Container/SuspiciousFile](findings-malware-protection.md#execution-malware-container-suspiciousfile) | Contenitore | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:EC2/MaliciousFile](findings-malware-protection.md#execution-malware-ec2-maliciousfile) | Amazon EC2 | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:EC2/SuspiciousFile](findings-malware-protection.md#execution-malware-ec2-suspiciousfile) | Amazon EC2 | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:ECS/MaliciousFile](findings-malware-protection.md#execution-malware-ecs-maliciousfile) | ECS | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:ECS/SuspiciousFile](findings-malware-protection.md#execution-malware-ecs-suspiciousfile) | ECS | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:Kubernetes/MaliciousFile](findings-malware-protection.md#execution-malware-kubernetes-maliciousfile) | Kubernetes | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:Kubernetes/SuspiciousFile](findings-malware-protection.md#execution-malware-kubernetes-suspiciousfile) | Kubernetes | Protezione da malware EBS | Varia a seconda della minaccia rilevata |
| [Execution:EC2/MaliciousFile\!Snapshot](findings-malware-protection-backup.md#execution-malware-ec2-maliciousfile-snapshot) | Amazon EBS | Protezione da malware per il backup | Varia a seconda della minaccia rilevata |
| [Execution:EC2/MaliciousFile\!AMIÈ stato rilevato un file dannoso su un’AMI EC2.](findings-malware-protection-backup.md#execution-malware-ec2-maliciousfile-ami) | Amazon EC2 | Protezione da malware per il backup | Varia a seconda della minaccia rilevata |
| [Execution:EC2/MaliciousFile\!RecoveryPoint](findings-malware-protection-backup.md#execution-malware-ec2-maliciousfile-recoverypoint) | AWS Backup | Protezione da malware per il backup | Varia a seconda della minaccia rilevata |
| [Execution:S3/MaliciousFile\!RecoveryPoint](findings-malware-protection-backup.md#execution-malware-s3-maliciousfile-recoverypoint) | AWS Backup | Protezione da malware per il backup | Varia a seconda della minaccia rilevata |
| [CredentialAccess:Kubernetes/AnomalousBehavior.SecretsAccessed](guardduty-finding-types-eks-audit-logs.md#credaccess-kubernetes-anomalousbehavior-secretsaccessed) | Kubernetes | Log di controllo EKS | Media |
| [CredentialAccess:Kubernetes/MaliciousIPCaller](guardduty-finding-types-eks-audit-logs.md#credentialaccess-kubernetes-maliciousipcaller) | Kubernetes | Log di controllo EKS | Elevata |
| [CredentialAccess:Kubernetes/MaliciousIPCaller.Custom](guardduty-finding-types-eks-audit-logs.md#credentialaccess-kubernetes-maliciousipcallercustom) | Kubernetes | Log di controllo EKS | Elevata |
| [CredentialAccess:Kubernetes/SuccessfulAnonymousAccess](guardduty-finding-types-eks-audit-logs.md#credentialaccess-kubernetes-successfulanonymousaccess) | Kubernetes | Log di controllo EKS | Elevata |
| [CredentialAccess:Kubernetes/TorIPCaller](guardduty-finding-types-eks-audit-logs.md#credentialaccess-kubernetes-toripcaller) | Kubernetes | Log di controllo EKS | Elevata |
| [DefenseEvasion:Kubernetes/MaliciousIPCaller](guardduty-finding-types-eks-audit-logs.md#defenseevasion-kubernetes-maliciousipcaller) | Kubernetes | Log di controllo EKS | Elevata |
| [DefenseEvasion:Kubernetes/MaliciousIPCaller.Custom](guardduty-finding-types-eks-audit-logs.md#defenseevasion-kubernetes-maliciousipcallercustom) | Kubernetes | Log di controllo EKS | Elevata |
| [DefenseEvasion:Kubernetes/SuccessfulAnonymousAccess](guardduty-finding-types-eks-audit-logs.md#defenseevasion-kubernetes-successfulanonymousaccess) | Kubernetes | Log di controllo EKS | Elevata |
| [DefenseEvasion:Kubernetes/TorIPCaller](guardduty-finding-types-eks-audit-logs.md#defenseevasion-kubernetes-toripcaller) | Kubernetes | Log di controllo EKS | Elevata |
| [Discovery:Kubernetes/AnomalousBehavior.PermissionChecked](guardduty-finding-types-eks-audit-logs.md#discovery-kubernetes-anomalousbehavrior-permissionchecked) | Kubernetes | Log di controllo EKS | Bassa |
| [Discovery:Kubernetes/MaliciousIPCaller](guardduty-finding-types-eks-audit-logs.md#discovery-kubernetes-maliciousipcaller) | Kubernetes | Log di controllo EKS | Media |
| [Discovery:Kubernetes/MaliciousIPCaller.Custom](guardduty-finding-types-eks-audit-logs.md#discovery-kubernetes-maliciousipcallercustom) | Kubernetes | Log di controllo EKS | Media |
| [Discovery:Kubernetes/SuccessfulAnonymousAccess](guardduty-finding-types-eks-audit-logs.md#discovery-kubernetes-successfulanonymousaccess) | Kubernetes | Log di controllo EKS | Media |
| [Discovery:Kubernetes/TorIPCaller](guardduty-finding-types-eks-audit-logs.md#discovery-kubernetes-toripcaller) | Kubernetes | Log di controllo EKS | Media |
| [Execution:Kubernetes/ExecInKubeSystemPod](guardduty-finding-types-eks-audit-logs.md#execution-kubernetes-execinkubesystempod) | Kubernetes | Log di controllo EKS | Media |
| [Execution:Kubernetes/AnomalousBehavior.ExecInPod](guardduty-finding-types-eks-audit-logs.md#execution-kubernetes-anomalousbehvaior-execinprod) | Kubernetes | Log di controllo EKS | Media |
| [Execution:Kubernetes/AnomalousBehavior.WorkloadDeployed](guardduty-finding-types-eks-audit-logs.md#exec-kubernetes-anomalousbehavior-workloaddeployed) | Kubernetes | Log di controllo EKS | Bassa |
| [Impact:Kubernetes/MaliciousIPCaller](guardduty-finding-types-eks-audit-logs.md#impact-kubernetes-maliciousipcaller) | Kubernetes | Log di controllo EKS | Elevata |
| [Impact:Kubernetes/MaliciousIPCaller.Custom](guardduty-finding-types-eks-audit-logs.md#impact-kubernetes-maliciousipcallercustom) | Kubernetes | Log di controllo EKS | Elevata |
| [Impact:Kubernetes/SuccessfulAnonymousAccess](guardduty-finding-types-eks-audit-logs.md#impact-kubernetes-successfulanonymousaccess) | Kubernetes | Log di controllo EKS | Elevata |
| [Impact:Kubernetes/TorIPCaller](guardduty-finding-types-eks-audit-logs.md#impact-kubernetes-toripcaller) | Kubernetes | Log di controllo EKS | Elevata |
| [Persistence:Kubernetes/ContainerWithSensitiveMount](guardduty-finding-types-eks-audit-logs.md#persistence-kubernetes-containerwithsensitivemount) | Kubernetes | Log di controllo EKS | Media |
| [Persistence:Kubernetes/MaliciousIPCaller](guardduty-finding-types-eks-audit-logs.md#persistence-kubernetes-maliciousipcaller) | Kubernetes | Log di controllo EKS | Media |
| [Persistence:Kubernetes/MaliciousIPCaller.Custom](guardduty-finding-types-eks-audit-logs.md#persistence-kubernetes-maliciousipcallercustom) | Kubernetes | Log di controllo EKS | Media |
| [Persistence:Kubernetes/SuccessfulAnonymousAccess](guardduty-finding-types-eks-audit-logs.md#persistence-kubernetes-successfulanonymousaccess) | Kubernetes | Log di controllo EKS | Elevata |
| [Persistence:Kubernetes/TorIPCaller](guardduty-finding-types-eks-audit-logs.md#persistence-kubernetes-toripcaller) | Kubernetes | Log di controllo EKS | Media |
| [Policy:Kubernetes/AdminAccessToDefaultServiceAccount](guardduty-finding-types-eks-audit-logs.md#policy-kubernetes-adminaccesstodefaultserviceaccount) | Kubernetes | Log di controllo EKS | Elevata |
| [Policy:Kubernetes/AnonymousAccessGranted](guardduty-finding-types-eks-audit-logs.md#policy-kubernetes-anonymousaccessgranted) | Kubernetes | Log di controllo EKS | Elevata |
| [Policy:Kubernetes/KubeflowDashboardExposed](guardduty-finding-types-eks-audit-logs.md#policy-kubernetes-kubeflowdashboardexposed) | Kubernetes | Log di controllo EKS | Media |
| [Policy:Kubernetes/ExposedDashboard](guardduty-finding-types-eks-audit-logs.md#policy-kubernetes-exposeddashboard) | Kubernetes | Log di controllo EKS | Media |
| [PrivilegeEscalation:Kubernetes/AnomalousBehavior.RoleBindingCreated](guardduty-finding-types-eks-audit-logs.md#privesc-kubernetes-anomalousbehavior-rolebindingcreated) | Kubernetes | Log di controllo EKS | Medio [*](#gdu-active-findings-variable-severity) |
| [PrivilegeEscalation:Kubernetes/AnomalousBehavior.RoleCreated](guardduty-finding-types-eks-audit-logs.md#privesc-kubernetes-anomalousbehavior-rolecreated) | Kubernetes | Log di controllo EKS | Bassa |
| [Persistence:Kubernetes/AnomalousBehavior.WorkloadDeployed\!ContainerWithSensitiveMount](guardduty-finding-types-eks-audit-logs.md#privesc-kubernetes-anomalousbehavior-workloaddeployed-containerwithsensitivemount) | Kubernetes | Log di controllo EKS | Elevata |
| [PrivilegeEscalation:Kubernetes/AnomalousBehavior.WorkloadDeployed\!PrivilegedContainer](guardduty-finding-types-eks-audit-logs.md#privesc-kubernetes-anomalousbehavior-workloaddeployed-privcontainer) | Kubernetes | Log di controllo EKS | Elevata |
| [PrivilegeEscalation:Kubernetes/PrivilegedContainer](guardduty-finding-types-eks-audit-logs.md#privilegeescalation-kubernetes-privilegedcontainer) | Kubernetes | Log di controllo EKS | Media |
| [Backdoor:Lambda/C&CActivity.B](lambda-protection-finding-types.md#backdoor-lambda-ccactivity-b) | Lambda | Monitoraggio delle attività di rete Lambda | Elevata |
| [CryptoCurrency:Lambda/BitcoinTool.B](lambda-protection-finding-types.md#cryptocurrency-lambda-bitcointool-b) | Lambda | Monitoraggio delle attività di rete Lambda | Elevata |
| [Trojan:Lambda/BlackholeTraffic](lambda-protection-finding-types.md#trojan-lambda-blackhole-traffic) | Lambda | Monitoraggio delle attività di rete Lambda | Media |
| [Trojan:Lambda/DropPoint](lambda-protection-finding-types.md#trojan-lambda-drop-point) | Lambda | Monitoraggio delle attività di rete Lambda | Media |
| [UnauthorizedAccess:Lambda/MaliciousIPCaller.Custom](lambda-protection-finding-types.md#unauthorized-access-lambda-maliciousIPcaller-custom) | Lambda | Monitoraggio delle attività di rete Lambda | Media |
| [UnauthorizedAccess:Lambda/TorClient](lambda-protection-finding-types.md#unauthorized-access-lambda-tor-client) | Lambda | Monitoraggio delle attività di rete Lambda | Elevata |
| [UnauthorizedAccess:Lambda/TorRelay](lambda-protection-finding-types.md#unauthorized-access-lambda-tor-relay) | Lambda | Monitoraggio delle attività di rete Lambda | Elevata |
| [Object:S3/MaliciousFile](gdu-malware-protection-s3-finding-types.md#s3-object-s3-malicious-file) | S3Object | Protezione da malware per S3 | Elevata |
| [CredentialAccess:RDS/AnomalousBehavior.FailedLogin](findings-rds-protection.md#credaccess-rds-anombehavior-failedlogin) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Bassa |
| [CredentialAccess:RDS/AnomalousBehavior.SuccessfulBruteForce](findings-rds-protection.md#credaccess-rds-anombehavior-successfulbruteforce) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Elevata |
| [CredentialAccess:RDS/AnomalousBehavior.SuccessfulLogin](findings-rds-protection.md#credaccess-rds-anombehavior-successlogin) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Variabile [*](#gdu-active-findings-variable-severity) |
| [CredentialAccess:RDS/MaliciousIPCaller.FailedLogin](findings-rds-protection.md#credaccess-rds-maliciousipcaller-failedlogin) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Media |
| [CredentialAccess:RDS/MaliciousIPCaller.SuccessfulLogin](findings-rds-protection.md#credaccess-rds-maliciousipcaller-successfullogin) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Elevata |
| [CredentialAccess:RDS/TorIPCaller.FailedLogin](findings-rds-protection.md#credaccess-rds-toripcaller-failedlogin) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Media |
| [CredentialAccess:RDS/TorIPCaller.SuccessfulLogin](findings-rds-protection.md#credaccess-rds-toripcaller-successfullogin) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Elevata |
| [Discovery:RDS/MaliciousIPCaller](findings-rds-protection.md#discovery-rds-maliciousipcaller) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Media |
| [Discovery:RDS/TorIPCaller](findings-rds-protection.md#discovery-rds-toripcaller) | [Database Amazon Aurora, Amazon RDS e Aurora Limitless supportati](rds-protection.md#rds-pro-supported-db) | Monitoraggio delle attività di accesso RDS | Media |
| [Backdoor:Runtime/C&CActivity.B](findings-runtime-monitoring.md#backdoor-runtime-ccactivityb) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Backdoor:Runtime/C&CActivity.B\!DNS](findings-runtime-monitoring.md#backdoor-runtime-ccactivitybdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [CryptoCurrency:Runtime/BitcoinTool.B](findings-runtime-monitoring.md#cryptocurrency-runtime-bitcointoolb) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [CryptoCurrency:Runtime/BitcoinTool.B\!DNS](findings-runtime-monitoring.md#cryptocurrency-runtime-bitcointoolbdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [DefenseEvasion:Runtime/FilelessExecution](findings-runtime-monitoring.md#defenseeva-runtime-filelessexecution) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [DefenseEvasion:Runtime/KernelModuleLoaded](findings-runtime-monitoring.md#defenseevasion-runtime-kernelmoduleloaded) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [DefenseEvasion:Runtime/ProcessInjection.Proc](findings-runtime-monitoring.md#defenseeva-runtime-processinjectionproc) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [DefenseEvasion:Runtime/ProcessInjection.Ptrace](findings-runtime-monitoring.md#defenseeva-runtime-processinjectionptrace) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [DefenseEvasion:Runtime/ProcessInjection.VirtualMemoryWrite](findings-runtime-monitoring.md#defenseeva-runtime-processinjectionvirtualmemw) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [DefenseEvasion:Runtime/PtraceAntiDebugging](findings-runtime-monitoring.md#defenseevasion-runtime-ptrace-anti-debug) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Bassa |
| [DefenseEvasion:Runtime/SuspiciousCommand](findings-runtime-monitoring.md#defenseevasion-runtime-suspicious-command) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Discovery:Runtime/SuspiciousCommand](findings-runtime-monitoring.md#discovery-runtime-suspicious-command) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Bassa |
| [Execution:Runtime/MaliciousFileExecuted](findings-runtime-monitoring.md#execution-runtime-malicious-file-executed) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Execution:Runtime/MaliciousFileExecuted.Custom](findings-runtime-monitoring.md#execution-runtime-malicious-file-executed-custom) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Execution:Runtime/NewBinaryExecuted](findings-runtime-monitoring.md#execution-runtime-newbinaryexecuted) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Execution:Runtime/NewLibraryLoaded](findings-runtime-monitoring.md#execution-runtime-newlibraryloaded) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Execution:Runtime/SuspiciousCommand](findings-runtime-monitoring.md#execution-runtime-suspiciouscommand) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Variabile |
| [Execution:Runtime/SuspiciousShellCreated](findings-runtime-monitoring.md#execution-runtime-suspicious-shell-created) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Bassa |
| [Execution:Runtime/SuspiciousTool](findings-runtime-monitoring.md#execution-runtime-suspicioustool) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Variabile |
| [Execution:Runtime/ReverseShell](findings-runtime-monitoring.md#execution-runtime-reverseshell) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Impact:Runtime/AbusedDomainRequest.Reputation](findings-runtime-monitoring.md#impact-runtime-abuseddomainrequestreputation) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Impact:Runtime/BitcoinDomainRequest.Reputation](findings-runtime-monitoring.md#impact-runtime-bitcoindomainrequestreputation) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Impact:Runtime/CryptoMinerExecuted](findings-runtime-monitoring.md#impact-runtime-cryptominerexecuted) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Impact:Runtime/MaliciousDomainRequest.Reputation](findings-runtime-monitoring.md#impact-runtime-maliciousdomainrequestreputation) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Impact:Runtime/SuspiciousDomainRequest.Reputation](findings-runtime-monitoring.md#impact-runtime-suspiciousdomainrequestreputation) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Bassa |
| [Persistence:Runtime/SuspiciousCommand](findings-runtime-monitoring.md#persistence-runtime-suspicious-command) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [PrivilegeEscalation:Runtime/CGroupsReleaseAgentModified](findings-runtime-monitoring.md#privilegeesc-runtime-cgroupsreleaseagentmodified) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [PrivilegeEscalation:Runtime/ContainerMountsHostDirectory](findings-runtime-monitoring.md#privilegeescalation-runtime-containermountshostdirectory) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [PrivilegeEscalation:Runtime/DockerSocketAccessed](findings-runtime-monitoring.md#privilegeesc-runtime-dockersocketaccessed) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [PrivilegeEscalation:Runtime/ElevationToRoot](findings-runtime-monitoring.md#privilegeesc-runtime-elevation-to-root) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [PrivilegeEscalation:Runtime/RuncContainerEscape](findings-runtime-monitoring.md#privilegeesc-runtime-runccontainerescape) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [PrivilegeEscalation:Runtime/SuspiciousCommand](findings-runtime-monitoring.md#privilege-escalation-runtime-suspicious-command) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [PrivilegeEscalation:Runtime/UserfaultfdUsage](findings-runtime-monitoring.md#privilegeescalation-runtime-userfaultfdusage) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Trojan:Runtime/BlackholeTraffic](findings-runtime-monitoring.md#trojan-runtime-blackholetraffic) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Trojan:Runtime/BlackholeTraffic\!DNS](findings-runtime-monitoring.md#trojan-runtime-blackholetrafficdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Trojan:Runtime/DropPoint](findings-runtime-monitoring.md#trojan-runtime-droppoint) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Trojan:Runtime/DGADomainRequest.C\!DNS](findings-runtime-monitoring.md#trojan-runtime-dgadomainrequestcdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Trojan:Runtime/DriveBySourceTraffic\!DNS](findings-runtime-monitoring.md#trojan-runtime-drivebysourcetrafficdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Trojan:Runtime/DropPoint\!DNS](findings-runtime-monitoring.md#trojan-runtime-droppointdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Media |
| [Trojan:Runtime/PhishingDomainRequest\!DNS](findings-runtime-monitoring.md#trojan-runtime-phishingdomainrequestdns) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [UnauthorizedAccess:Runtime/MetadataDNSRebind](findings-runtime-monitoring.md#unauthorizedaccess-runtime-metadatadnsrebind) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [UnauthorizedAccess:Runtime/TorClient](findings-runtime-monitoring.md#unauthorizedaccess-runtime-torclient) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [UnauthorizedAccess:Runtime/TorRelay](findings-runtime-monitoring.md#unauthorizedaccess-runtime-torrelay) | Istanza, cluster EKS, cluster ECS o contenitore | Monitoraggio del runtime | Elevata |
| [Backdoor:EC2/C&CActivity.B](guardduty_finding-types-ec2.md#backdoor-ec2-ccactivityb) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Backdoor:EC2/DenialOfService.Dns](guardduty_finding-types-ec2.md#backdoor-ec2-denialofservicedns) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Backdoor:EC2/DenialOfService.Tcp](guardduty_finding-types-ec2.md#backdoor-ec2-denialofservicetcp) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Backdoor:EC2/DenialOfService.Udp](guardduty_finding-types-ec2.md#backdoor-ec2-denialofserviceudp) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Backdoor:EC2/DenialOfService.UdpOnTcpPorts](guardduty_finding-types-ec2.md#backdoor-ec2-denialofserviceudpontcpports) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Backdoor:EC2/DenialOfService.UnusualProtocol](guardduty_finding-types-ec2.md#backdoor-ec2-denialofserviceunusualprotocol) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Backdoor:EC2/Spambot](guardduty_finding-types-ec2.md#backdoor-ec2-spambot) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [Behavior:EC2/NetworkPortUnusual](guardduty_finding-types-ec2.md#behavior-ec2-networkportunusual) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [Behavior:EC2/TrafficVolumeUnusual](guardduty_finding-types-ec2.md#behavior-ec2-trafficvolumeunusual) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [CryptoCurrency:EC2/BitcoinTool.B](guardduty_finding-types-ec2.md#cryptocurrency-ec2-bitcointoolb) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [DefenseEvasion:EC2/UnusualDNSResolver](guardduty_finding-types-ec2.md#defenseevasion-ec2-unusualdnsresolver) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [DefenseEvasion:EC2/UnusualDoHActivity](guardduty_finding-types-ec2.md#defenseevasion-ec2-unsualdohactivity) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [DefenseEvasion:EC2/UnusualDoTActivity](guardduty_finding-types-ec2.md#defenseevasion-ec2-unusualdotactivity) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [Impact:EC2/PortSweep](guardduty_finding-types-ec2.md#impact-ec2-portsweep) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Impact:EC2/WinRMBruteForce](guardduty_finding-types-ec2.md#impact-ec2-winrmbruteforce) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Basso [*](#gdu-active-findings-variable-severity) |
| [Recon:EC2/PortProbeEMRUnprotectedPort](guardduty_finding-types-ec2.md#recon-ec2-portprobeemrunprotectedport) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [Recon:EC2/PortProbeUnprotectedPort](guardduty_finding-types-ec2.md#recon-ec2-portprobeunprotectedport) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Basso [*](#gdu-active-findings-variable-severity) |
| [Recon:EC2/Portscan](guardduty_finding-types-ec2.md#recon-ec2-portscan) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [Trojan:EC2/BlackholeTraffic](guardduty_finding-types-ec2.md#trojan-ec2-blackholetraffic) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [Trojan:EC2/DropPoint](guardduty_finding-types-ec2.md#trojan-ec2-droppoint) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [UnauthorizedAccess:EC2/MaliciousIPCaller.Custom](guardduty_finding-types-ec2.md#unauthorizedaccess-ec2-maliciousipcallercustom) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Media |
| [UnauthorizedAccess:EC2/RDPBruteForce](guardduty_finding-types-ec2.md#unauthorizedaccess-ec2-rdpbruteforce) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Basso [*](#gdu-active-findings-variable-severity) |
| [UnauthorizedAccess:EC2/SSHBruteForce](guardduty_finding-types-ec2.md#unauthorizedaccess-ec2-sshbruteforce) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Basso [*](#gdu-active-findings-variable-severity) |
| [UnauthorizedAccess:EC2/TorClient](guardduty_finding-types-ec2.md#unauthorizedaccess-ec2-torclient) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |
| [UnauthorizedAccess:EC2/TorRelay](guardduty_finding-types-ec2.md#unauthorizedaccess-ec2-torrelay) | Amazon EC2 | Registri di flusso in VPC [+](#gdu-ec2-finding-no-support-ipv6-traffic) | Elevata |