What is AWS Guarduty?

AWS definition: "Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your Amazon Web Services accounts, workloads, and data stored in Amazon S3"

Monitor VPC Flow lows, DNS logs, CloudTrail S3 events and CloudTrail Mgmt events.