All courses
Resource hub
Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
Hamburger Icon
  • Path icon Learning Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Cloud
  • Security
    •

Threat Detection for AWS

1 Course
2 Labs
3 Hours
Skill IQ

Learn how to detect, investigate, and respond to threats in your AWS environment using native tools like Amazon GuardDuty, Amazon Security Hub, CloudTrail Lake, and Lambda. This path is designed to help cloud engineers and security practitioners operationalize threat detection workflows and build automated response capabilities that scale across accounts and services.

Get started

Content in this path

Essentials

This section introduces the foundational workflows for detecting and responding to threats in AWS. You'll learn how to configure GuardDuty, Security Hub, and related telemetry services to surface suspicious activity across your environment.

Lab

AWS End-to-End Vulnerability Management Workflow

  • 45m
  • Sep 17, 2025
Course

Amazon Security Hub Correlation and Forensic Analysis

  • by Tim Coakley
  • 1h
  • Aug 26, 2025
Lab

AWS Live Threat Detection and Response Simulation

  • 45m
  • Sep 17, 2025
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
What You'll Learn
  • 1. Learn how to configure Amazon GuardDuty, CloudTrail, AWS Config, and VPC Flow Logs to generate meaningful, actionable threat telemetry.
  • 2. Use Amazon Security Hub and CloudTrail Lake to triage GuardDuty findings, reconstruct attack timelines, and build a clear picture of suspicious activity across your environment.
  • 3. Build EventBridge rules and Lambda functions that respond to high-priority threats in real time—isolating compromised resources, revoking credentials, and notifying your security team automatically.
Prerequisites
  • Before starting this path, you should already be comfortable navigating the AWS Console and working with foundational cloud services such as EC2, IAM, and VPC. You don't need to be a security expert, but you should understand core AWS concepts like CloudTrail logs, IAM roles, and how resources interact within a typical cloud environment. If you’ve configured basic workloads and handled permissions or logging before, you're ready to take the next step into threat detection and response.
Related topics
  • Amazon Web Services
  • Cloud Security
  • Threat Detection
Not sure where to start?
With over 500 assessments to choose from, you can see where your skills stand and receive adaptive learning recommendations to fill knowledge gaps in as little as 10 minutes.
Learn more

Learn with the best

Tim Coakley
Tim Coakley
Tim Coakley is a Senior Security Solutions Architect for a large multi-national organisation and an author at Pluralsight. Tim started a long and successful full-time career in Digital Forensics supporting the criminal justice system and law enforcement on a long list of criminal cases. Parallel to this Tim ran a research and development business creating solutions from design through to support resulting in some unique and niche software not developed anywhere else. Tim now works fully within t...

Join our learners and upskill
in leading technologies