GuardDuty security agent release versions
GuardDuty releases an updated agent version from time to time. When GuardDuty manages the agent automatically, GuardDuty is designed to update the agent on your behalf. When you manage the agent manually, you are responsible to update the agent version for your resource types – Amazon EC2 instances, Amazon ECS clusters, and Amazon EKS clusters.
The following sections provide GuardDuty security agent release versions and associated release notes for all the supported resource types.
Topics
The following table shows the release version history for the GuardDuty security agent for Amazon EC2.
Agent version |
Release notes |
Availability date |
|---|---|---|
v1.3.1 |
Support for custom DNS resolvers |
September 12, 2024 |
v1.3.0 |
General performance tuning and enhancements Includes support to capture additional security signals for future Runtime Monitoring finding types. |
August 19, 2024 |
v1.2.0 |
Supports OS distributions Ubuntu 20.04, Ubuntu 22.04, Debian 11, and Debian 12 Supports kernel 6.5 and 6.8 General performance tuning and enhancements |
June 13, 2024 |
v1.1.0 |
Supports GuardDuty automated agent configuration in Runtime Monitoring for Amazon EC2 instances Supports new security signals and findings released with the announcement of general availability of Runtime Monitoring for EC2 instances General performance tuning and enhancements |
March 26, 2024 |
v1.0.2 |
Supports the latest Amazon ECS AMIs. |
February 2, 2024 |
| v1.0.1 |
Agent versions released prior to v1.0.2 are incompatible with Amazon ECS AMIs launched after January 31, 2024. General performance tuning and enhancements |
January 23, 2024 |
| v1.0.0 | Initial release of the RPM installation Agent versions released prior to v1.0.2 are incompatible with Amazon ECS AMIs launched after January 31, 2024. |
November 26, 2023 |
The following table shows the release version history for the GuardDuty security agent for Fargate (Amazon ECS only).
Agent version |
Container image |
Release notes |
Availability date |
|---|---|---|---|
v1.3.1 |
x86_64 (AMD64): Graviton (ARM64): |
Support for custom DNS resolvers. |
September 11, 2024 |
v1.3.0 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. Includes support to capture additional security signals for future GuardDuty Runtime Monitoring finding types. |
August 9, 2024 |
v1.2.0 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. |
May 31, 2024 |
v1.1.0 |
x86_64 (AMD64): Graviton (ARM64): |
Supports new security signals and findings. General performance tuning and enhancements. |
May 01, 2024 |
v1.0.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. |
January 26, 2024 |
v1.0.0 |
x86_64 (AMD64): Graviton (ARM64): |
Initial release of GuardDuty security agent for AWS Fargate (Amazon ECS only). |
November 26, 2023 |
As a prerequisite, to update to a specific agent version, you need to explicitly allow access to the ECR registries specified under Amazon ECR repository hosting GuardDuty agent. Not doing so may result in an unhealthy runtime coverage for your Amazon EKS cluster.
The following table shows the release version history of Amazon EKS add-on GuardDuty agent.
Agent version |
Container image |
Release notes |
Availability date |
End of standard support1 |
|---|---|---|---|---|
v1.7.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. Includes support to capture additional security signals for future Runtime Monitoring finding types. Support for custom DNS resolvers. |
September 13, 2024 |
– |
v1.7.0 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. Includes support to capture additional security signals for future Runtime Monitoring finding types. |
August 17, 2024 |
– |
v1.6.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. |
May 14, 2024 |
– |
v1.6.0 |
x86_64 (AMD64): Graviton (ARM64): |
|
April 29, 2024 |
– |
v1.5.0 |
x86_64 (AMD64): Graviton (ARM64): |
|
March 07, 2024 |
– |
v1.4.1 |
x86_64 (AMD64): Graviton (ARM64): |
General performance tuning and enhancements. |
January 16, 2024 |
– |
v1.4.0 |
x86_64 (AMD64): Graviton (ARM64): |
Manifest mount point support better data collection AppArmor configuration in manifest Collect command line argument General performance tuning and enhancements |
December 21, 2023 |
– |
v1.3.1 |
x86_64 (AMD64): Graviton (ARM64): |
Important security patches and updates. |
October 23, 2023 |
– |
|
v1.3.0 |
x86_64 (AMD64): Graviton (ARM64): |
Supports Ubuntu platform Supports Kubernetes version 1.28 General performance enhancements and stability improvement. |
October 05, 2023 |
– |
v1.2.0 |
x86_64 (AMD64): Graviton (ARM64): |
In addition to AMD64-based instances, v1.2.0 now also supports ARM64-based instances. Added and verified support for Bottlerocket Supports Kubernetes version 1.27 General performance enhancements and stability improvements. |
June 16, 2023 |
– |
v1.1.0 |
|
In addition to Kubernetes versions supported by GuardDuty security agent, this agent release also supports Kubernetes version 1.26. General performance enhancements and stability improvements. |
May 2, 2023 |
May 14, 2024 |
v1.0.0 |
|
Initial release of Amazon EKS add-on agent. |
March 30, 2023 |
May 14, 2024 |
1 For information about updating your current agent version that is approaching to an end of standard support, see Updating security agent manually.
