Which service offers intelligent threat detection by continuously monitoring network activity in AWS?

Amazon GuardDuty is the service that provides intelligent threat detection by continuously monitoring network activity in AWS. It utilizes machine learning, threat intelligence, and anomaly detection to identify and alert users about potential security threats. By analyzing data from various sources, including VPC Flow Logs, AWS CloudTrail event logs, and DNS logs, GuardDuty can detect suspicious activities such as unauthorized access or malicious behavior involving EC2 instances, S3 buckets, and other AWS resources.

This proactive approach assists organizations in staying ahead of potential threats, as it not only identifies existing risks but also learns over time to improve detection capabilities. The continuous monitoring aspect is crucial, as it enables real-time alerts and insights, empowering security teams to respond promptly to protect their AWS environments.

Other services mentioned offer different functionalities, such as investigation and compliance (Amazon Detective and AWS Security Hub) or management and encryption of keys (AWS Managed CMK), but they do not provide the specialized focus on continuous threat detection that GuardDuty does.