Sold by: ITUNeed LLCÂ
Deployed on AWS
ITUneed ThreatGuard analyzes VPC flow logs with Amazon Athena, detects malicious public IPs, and updates AWS GuardDuty using threat intelligence for real-time cloud security.
Overview
Video
ITUneed ThreatGuard
Video
ThreatGuard Implementation Tutorial
Video
Product video
ITUneed ThreatGuard is an automated threat detection solution that seamlessly integrates with AWS services to provide real-time monitoring of your cloud environment. Using Amazon Athena, it analyzes VPC Flow Logs to identify malicious public IPs attempting to access your AWS public endpoints. By leveraging external threat intelligence APIs, ThreatGuard cross-checks IPs against global databases to classify them as benign or malicious, reducing the manual effort required for threat detection. The solution integrates directly with AWS GuardDuty, enhancing your security posture by enriching its findings with updated threat intelligence. This allows for proactive mitigation of security risks while ensuring continuous monitoring and fast response to new threats. With scalable plans designed to suit various business sizes, ITUneed ThreatGuard offers flexible pricing for customers who need to scan anywhere from 10K to 1MM IPs daily, ensuring that cloud environments remain secure and efficient at all times. By automating threat detection, ITUneed ThreatGuard reduces human intervention, lowers the Mean Time to Resolution (MTTR), and increases overall cloud security. This cost-effective solution ensures that organizations stay ahead of evolving threats, with seamless integration into your AWS environment and full compliance with cloud security best practices.
Highlights
- Automated Public IP Threat Detection: ITUneed ThreatGuard continuously monitors VPC flow logs using Amazon Athena, identifying public IPs attempting to access AWS endpoints. It automates threat detection, reducing manual effort and enhancing cloud security.
- Seamless AWS GuardDuty Integration: ThreatGuard enriches AWS GuardDuty by querying an external threat intelligence API to classify IPs as malicious or benign, proactively mitigating risks.
- Near Real-Time Security Insights & Compliance: ThreatGuard updates a custom threat list, enabling real-time threat response and compliance monitoring. It helps organizations secure AWS workloads, reducing exposure to external attacks.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
ITUNeed ThreatGuard: Automated Threat Detection Container Deployment
Latest version
Operating system
Linux
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
Up to 10K IP activity scans per day | 10,000 Events/Day, Ideal for small-scale security monitoring. | $120.00 |
Up to 100K IP activity scans per day | 100,000 Events/Day, Suitable for medium-sized AWS environments. | $1,200.00 |
Up to 1MM IP activity scans per day | 1MM Events/Day, Designed for large, high-traffic environments. | $12,000.00 |
Vendor refund policy
At ITUNeed, we are committed to delivering high-quality cloud security solutions through AWS Marketplace. Refund requests must be made within 7 days of purchase for technical malfunctions or if the product fails to function as described. Refunds will not be granted for misconfigurations, business changes, or trial purchases. To request a refund, contact support at threatguard_support@ituneed.com with your API Userid, reason, and supporting logs. We will review requests within 3 business days.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
ITUNeed ThreatGuard: Automated Threat Detection Container Deployment
Supported services: Learn moreÂ
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Release Notes for ITUNeed ThreatGuard v1.0 New Features: Event-based pricing: Now supports up to 1MM malicious IP detections per day, offering scalable pricing for varying security needs.
Additional details
Usage instructions
ITUNeed ThreatGuard Setup Instructions:
****Prerequisite: Please email threatguard_support@ituneed.com with the AWS account number associated with your ITuneed ThreatGuard subscription to receive license information.
- Enable VPC Flow Logs: Ensure that VPC Flow Logs are enabled in your AWS environments and aggregated into a centralized S3 bucket. This allows ITUNeed ThreatGuard to analyze traffic patterns and identify suspicious activities.
- Enable AWS GuardDuty: Ensure that the GuardDuty service is enabled in your AWS account. This is necessary for ThreatGuard to integrate and update GuardDuty findings with detected threats.
- Deploy Athena Partitioner CloudFormation Script: Deploy the Athena Partitioner CloudFormation template in the account with the centralized S3 Flow Logs bucket. Download the yaml file from the deployment template and deploy from the cloudformation console. In the parameters section of the template: a. Provide a unique name for the AthenaOutputBucket. b. Leave the ECRRepositoryURI and LambdaTimeout as the default values. c. Point the S3Bucket to the location where your Flow Logs reside.
- Deploy FlowLog Analyzer CloudFormation Script: Deploy the FlowLog Analyzer CloudFormation template in the same account. Download the yaml file from the deployment template and deploy from the cloudformation console. In the parameters section: a. Input your APIKey, APIUserId, ExpirationDate, and Signature, which you can find in the onboarding email.
- Enter your GuardDutyDetectorID, which can be found in the GuardDuty Console.
- Provide a unique name for the S3BucketName, where output artifacts will be stored.
- Navigate to AWS Secrets Manager, click on the secret named "API_Credentials" , edit, and update the API_KEY, expiration_date, and signature with the license information you received in the email.
- At this point, the ECS fargate task should start working and capturing IPs and corresponding metadata.
For a detailed tutorial on how to install and configure ITUNeed ThreatGuard, please refer to the tutorial video (https://aws.amazon.com/marketplace/pp/prodview-rb7z6i4cgkl2c ). If you need further assistance, please email threatguard_support@ituneed.comÂ
Resources
Vendor resources
Support
Vendor support
For support with ITUneed ThreatGuard, please reach out to us via the following channels: Email: threatguard_support@ituneed.com Phone: 1 (800) 837-1760 Contact URL: <www.ituneed.com/contact > When you purchase ITUeed ThreatGuard, you can expect dedicated customer support to assist with product setnup, troubleshooting, and ongoing queries. Our team offers business hours support (Monday to Friday, 9 AM to 5 PM EST) and will respond to critical issues promptly to ensure your cloud security needs are met. For non-urgent requests, our support team aims to provide a response within 24 hours. We are committed to ensuring that your AWS environment remains secure and operational with ITUneed ThreatGuard.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.