AWS Trusted Advisor
- Inspects our AWS environments and makes recommendations where it deems necessary.
- Works at an account level and makes recommendations based on your entire account. Categories: cost, optimization, performance, security, service limits, and fault tolerance.
AWS Guard Duty
- Threat detection system. It doesn't prevent, only detects.
- Continious security monitoring service that process data from multiple data sources, like Amazon CloudTrail and DNS logs.
- It uses threat intelligence feeds and machine learning to identify and alert on potential malicious and unwanted action patterns.
AWS Inspector
- Automatically assess our apps for exposures, vulnerabilities, amd best-practice compliance.
- It generates findings; findings are detailed reports produced and reported via lists. They are prioritised via security levels. You can suppress findings via suppressions rules.