GuardDuty security agent release versions
GuardDuty releases an updated agent version from time to time. When GuardDuty manages the agent automatically, GuardDuty is designed to update the agent on your behalf. When you manage the agent manually, you are responsible to update the agent version for your resource types – Amazon EC2 instances, Amazon ECS clusters, and Amazon EKS clusters.
The following sections provide GuardDuty security agent release versions and associated release notes for all the supported resource types.
The following table shows the release version history for the GuardDuty security agent for Amazon EC2.
Agent version |
Release notes |
Availability date |
---|---|---|
v1.5.0 |
Added support for CentOS 9.0, RedHat 9.4, Fedora 34.0, and Ubuntu 24.04. Support for ARM instances for General performance tuning and enhancements. |
November 20, 2024 |
v1.3.1 |
Support for custom DNS resolvers. |
September 12, 2024 |
v1.3.0 |
General performance tuning and enhancements. Includes support to capture additional security signals for future GuardDuty Runtime Monitoring finding types. |
August 19, 2024 |
v1.2.0 |
Supports OS distributions Ubuntu 20.04, Ubuntu 22.04, Debian 11, and Debian 12. Supports kernel 6.5 and 6.8. General performance tuning and enhancements. |
June 13, 2024 |
v1.1.0 |
Supports GuardDuty automated agent configuration in Runtime Monitoring for Amazon EC2 instances. Supports new security signals and findings released with the announcement of general availability of Runtime Monitoring for EC2 instances. General performance tuning and enhancements. |
March 26, 2024 |
v1.0.2 |
Supports the latest Amazon ECS AMIs. |
February 2, 2024 |
v1.0.1 |
Agent versions released prior to v1.0.2 are incompatible with Amazon ECS AMIs launched after January 31, 2024. General performance tuning and enhancements. |
January 23, 2024 |
v1.0.0 | Initial release of the RPM installation. Agent versions released prior to v1.0.2 are incompatible with Amazon ECS AMIs launched after January 31, 2024. |
November 26, 2023 |
The following table shows the release version history for the GuardDuty security agent for Fargate (Amazon ECS only).
Agent version |
Container image |
Release notes |
Availability date |
---|---|---|---|
v1.5.0 |
x86_64 (AMD64):
Graviton (ARM64):
|
Support for ARM tasks for General performance tuning and enhancements. |
November 14, 2024 |
v1.4.1 |
x86_64 (AMD64):
Graviton (ARM64):
|
Container image hardening. General performance tuning and enhancements. |
October 24, 2024 |
v1.3.1 |
x86_64 (AMD64):
Graviton (ARM64):
|
Support for custom DNS resolvers. |
September 11, 2024 |
v1.3.0 |
x86_64 (AMD64):
Graviton (ARM64):
|
General performance tuning and enhancements. Includes support to capture additional security signals for future GuardDuty GuardDuty Runtime Monitoring finding types. |
August 9, 2024 |
v1.2.0 |
x86_64 (AMD64):
Graviton (ARM64):
|
General performance tuning and enhancements. |
May 31, 2024 |
v1.1.0 |
x86_64 (AMD64):
Graviton (ARM64):
|
Supports new security signals and findings. General performance tuning and enhancements. |
May 01, 2024 |
v1.0.1 |
x86_64 (AMD64):
Graviton (ARM64):
|
General performance tuning and enhancements. |
January 26, 2024 |
v1.0.0 |
x86_64 (AMD64):
Graviton (ARM64):
|
Initial release of GuardDuty security agent for AWS Fargate (Amazon ECS only). |
November 26, 2023 |
GuardDuty releases an updated agent version from time to time. When GuardDuty manages the agent automatically, it is designed to manage the agent updates on your behalf. When you manage the agent manually, you are responsible to update the agent version for your Amazon EKS clusters.
Before updating the agent to a specific version, add the image registry for GuardDuty
to the allowed-container-registries
in your admission controller. For more information,
see ECR repository for EKS v1.8.1-eks-build.2.
The following table shows the release version history of Amazon EKS add-on GuardDuty agent.
Agent version |
Container image |
Release notes |
Availability date |
End of standard support1 |
---|---|---|---|---|
v1.8.1 |
x86_64 (AMD64): Graviton (ARM64): |
Added support for CentOS 9.0, RedHat 9.4, Fedora 34.0, and Ubuntu 24.04. Support for ARM instances for General performance tuning and enhancements. |
November 23, 2024 |
– |
v1.7.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. Includes support to capture additional security signals for future GuardDuty Runtime Monitoring finding types. Support for custom DNS resolvers. |
September 13, 2024 |
– |
v1.7.0 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. Includes support to capture additional security signals for future GuardDuty Runtime Monitoring finding types. |
August 17, 2024 |
– |
v1.6.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. |
May 14, 2024 |
– |
v1.6.0 |
x86_64 (AMD64): Graviton (ARM64): |
|
April 29, 2024 |
– |
v1.5.0 |
x86_64 (AMD64): Graviton (ARM64): |
|
March 07, 2024 |
– |
v1.4.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. |
January 16, 2024 |
– |
v1.4.0 |
x86_64 (AMD64): Graviton (ARM64): |
Manifest mount point support better data collection AppArmor configuration in manifest Collect command line argument General performance tuning and enhancements |
December 21, 2023 |
– |
v1.3.1 |
x86_64 (AMD64): Graviton (ARM64): |
Important security patches and updates. |
October 23, 2023 |
– |
v1.3.0 |
x86_64 (AMD64): Graviton (ARM64): |
Supports Ubuntu platform Supports Kubernetes version 1.28 General performance enhancements and stability improvement. |
October 05, 2023 |
– |
v1.2.0 |
x86_64 (AMD64): Graviton (ARM64): |
In addition to AMD64-based instances, v1.2.0 now also supports ARM64-based instances. Added and verified support for Bottlerocket Supports Kubernetes version 1.27 General performance enhancements and stability improvements. |
June 16, 2023 |
– |
v1.1.0 |
|
In addition to Kubernetes versions supported by GuardDuty security agent, this agent release also supports Kubernetes version 1.26. General performance enhancements and stability improvements. |
May 2, 2023 |
May 14, 2024 |
v1.0.0 |
|
Initial release of Amazon EKS add-on agent. |
March 30, 2023 |
May 14, 2024 |
1 For information about updating your current agent version that is approaching to an end of standard support, see Updating security agent manually for Amazon EKS resources.
Additional resources
For more information on the next steps, see the following topics:
-
Prerequisites to enabling Runtime Monitoring - With new agent versions, there might be an update to the prerequisites section. Verify and validate that your resources meet the latest prerequisites.
-
Managing GuardDuty security agents - When you manage the agent manually, then you're responsible for managing the updates to the agent version running on your resources. Based on your resource type (Amazon EKS or Amazon EC2-Amazon ECS), perform the steps to update the security agent. Also make sure to validate your VPC endpoint configuration.
-
Reviewing runtime coverage statistics and troubleshooting issues - After you have updated the security agent, you can assess the runtime coverage your resource. If there is any coverage issue, then use the associated troubleshooting steps.