* [Blog](https://www2.paloaltonetworks.com/blog) * [Cloud Security](https://www2.paloaltonetworks.com/blog/cloud-security/) * [Announcement](https://www2.paloaltonetworks.com/blog/category/announcement/) * Prisma Cloud Supports Ama... # Prisma Cloud Supports Amazon GuardDuty Malware Protection [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Famazon-guardduty-malware-protection%2F) [](https://twitter.com/share?text=Prisma+Cloud+Supports+Amazon+GuardDuty+Malware+Protection&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Famazon-guardduty-malware-protection%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Famazon-guardduty-malware-protection%2F&title=Prisma+Cloud+Supports+Amazon+GuardDuty+Malware+Protection&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/cloud-security/amazon-guardduty-malware-protection/&ts=markdown) \[\](mailto:?subject=Prisma Cloud Supports Amazon GuardDuty Malware Protection) Link copied By [Derek Rogerson](https://www.paloaltonetworks.com/blog/author/derek-rogerson/?ts=markdown "Posts by Derek Rogerson") Jul 26, 2022 3 minutes [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown) [Cloud Security Provider](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-provider/?ts=markdown) [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) [Amazon GuardDuty](https://www.paloaltonetworks.com/blog/tag/amazon-guardduty/?ts=markdown) [AWS](https://www.paloaltonetworks.com/blog/tag/aws/?ts=markdown) [CSPM](https://www.paloaltonetworks.com/blog/tag/cspm/?ts=markdown) *Prisma Cloud expands its existing Amazon GuardDuty integration to include* *malware findings from GuardDuty Malware Protection.* ![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/07/word-image-27.png) Malware is one of the [top five cloud-native risks](https://www.paloaltonetworks.com/resources/research/top-5-cloud-native-risks-report) identified by Prisma Cloud research. Now, together with AWS, Prisma Cloud by Palo Alto Networks is excited to announce we will extend our Amazon GuardDuty support by integrating with the new [GuardDuty Malware Protection](https://aws.amazon.com/blogs/aws/new-for-amazon-guardduty-malware-detection-for-amazon-ebs-volumes/) findings to provide customers with enhanced visibility and context for detected malware threats. This new Prisma Cloud integration [expands our existing GuardDuty integration](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-amazon-guardduty) to allow customers to view and respond to malware findings alongside other security and compliance data Prisma Cloud already collects. "AWS has enhanced their Amazon GuardDuty service to include malware detection, and Palo Alto Networks will be supporting this new security innovation with a seamless Prisma Cloud integration for simplified cloud security," said Steven Cacciaroni, Director of Business Development for Palo Alto Networks. "With our expanded ingestion of AWS contextualized security findings from the new Amazon GuardDuty Malware Protection feature, our customers can continue to achieve the best possible security outcomes on AWS." ## **Prisma Cloud Ingests Malware Scans from Amazon GuardDuty Malware Protection for Better Cloud Security** With Prisma Cloud and expanded GuardDuty ingestion for malware findings, our customers can improve visibility and detection of malicious software (Trojans, worms, cryptominers, rootkits, bots, and more) that may be used by attackers to compromise AWS workloads or containers. ![Prisma Cloud ingests event-driven Amazon GuardDuty Malware Protection security data through EventBridge to the Prisma Cloud Console](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/07/word-image-28.png) Prisma Cloud ingests event-driven Amazon GuardDuty Malware Protection security data through EventBridge to the Prisma Cloud Console When malware protection is enabled for GuardDuty, suspicious activity on a workload or container will initiate automated malware scans of the attached Amazon EC2 Elastic Block Store (EBS). Detected malware generates an additional context-rich finding that will be ingested by Prisma Cloud as an alert in near real time. Prisma Cloud may then leverage this expanded malware threat visibility and context from Amazon GuardDuty and initiate the appropriate response action, like additional threat analysis or [automated Lambda remediation](https://www.paloaltonetworks.com/blog/prisma-cloud/automate-cloud-remediation-serverless-functions/). Further, customers can use our Prisma Cloud [RQL tool](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/rql-examples) to set up customized alerting policies for detected malware. ## **Amazon GuardDuty Malware Protection is Better Together with Prisma Cloud** ## ![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/07/word-image-7.jpeg) Prisma Cloud by Palo Alto Networks, together with Amazon GuardDuty Malware Protection, helps to protect against malware in the cloud with this additional integration in Q4 2022. Now our customers can better respond to potential sources of suspicious behavior caused by malicious software and reduce unnecessary complexity when monitoring and protecting AWS accounts and workloads. Choose Prisma Cloud as your simplified single platform that aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services, including Amazon GuardDuty, Amazon Inspector, AWS Security Hub, and more. Start using Prisma Cloud and AWS together today by visiting [Prisma Cloud in the AWS Marketplace](https://aws.amazon.com/marketplace/pp/prodview-fhoptf6o4hcyu). And learn more by visiting our Prisma Cloud [AWS environment page](https://www.paloaltonetworks.com/prisma/environments/aws). *** ** * ** *** ## Related Blogs ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Security Provider](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-provider/?ts=markdown), [Event](https://www.paloaltonetworks.com/blog/category/event/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) [#### Prisma Cloud Application Protection Platform is at AWS re:Inforce 2022](https://www2.paloaltonetworks.com/blog/cloud-security/aws-reinforce-2022/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown) [#### Prisma Cloud Supports the Latest Amazon Inspector for Enhanced Security](https://www2.paloaltonetworks.com/blog/cloud-security/amazon-inspector-for-enhanced-security/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) [#### Palo Alto Networks --- the 2024 AWS Global Technology Partner of the Year](https://www2.paloaltonetworks.com/blog/2024/12/aws-global-technology-partner-of-the-year/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Discover, Protect and Respond with AWS and Prisma Cloud](https://www2.paloaltonetworks.com/blog/2024/11/aws-and-prisma-cloud/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Native Application Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-application-platform/?ts=markdown), [Cloud Posture Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-posture-management/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown) [#### GigaOm Deems Prisma Cloud CSPM Outstanding](https://www2.paloaltonetworks.com/blog/cloud-security/leader-gigaom-radar-cspm-2022/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### What Does the Latest Linux Kernel Vulnerability Mean for Kubernetes Users and How Prisma Cloud Protects Against it?](https://www2.paloaltonetworks.com/blog/cloud-security/linux-kernel-vulnerabilities/) ### Subscribe to Cloud Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language