• IAM Abuse
    • Storage Abuse
    • Compute Abuse
  • science Research
    • CloudTrail Rules
    • Splunk Rules
    • Sigma Rules
    • Technique → Detection
    • IAM Design
    • Monitoring Strategy
    • Adversary Platform
    • Detection Generator
    • GitHub
    • Twitter / X
    • RSS
  • to navigate
  • to select
  • to close
    • Home
    • Detection Rules
    On this page
    • Detection Rules
      • AWS Focus
      • How to Use
      • License
    • Detection Rules
      • AWS Focus
      • How to Use
      • License
    rule

    Detection Rules

    AWS detection rules for CloudTrail, GuardDuty, and SIEM platforms.

    cloud

    CloudTrail Rules

    AWS CloudTrail API-based detection rules.

    search

    Splunk Rules

    Splunk SPL detection rules for AWS CloudTrail.

    code

    Sigma Rules

    Sigma format detection rules for AWS CloudTrail.

    © 2026 Detecting.Cloud. AWS Security Detection Research.