AWS Security Academy · Lesson

Reading and Prioritizing GuardDuty Findings

Interpret severity scores to focus on the riskiest alerts first.

Why Prioritize

A busy account can generate many findings, and not all matter equally. To respond well you must prioritize, focusing first on the threats most likely to cause real harm. GuardDuty supports this with severity scores and rich finding detail that guide where to look first.

The Severity Score

Every GuardDuty finding carries a severity value from 0.1 to 8.9 and above, mapped to levels. Roughly, 1.0 to 3.9 is Low, 4.0 to 6.9 is Medium, and 7.0 to 8.9 is High. Higher numbers mean greater confidence and potential impact, so they jump the queue.
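The following sketch is an added example, not part of the original lesson. It builds a triage queue from exported findings using the severity bands above. It assumes the field names of GuardDuty's finding JSON (`Id`, `Type`, `Severity`, `UpdatedAt`, `Service.Count`, `Service.Archived`); the sample findings, the `Unmapped` label and the tie-break order are constructed for illustration.

```python
import json

# Severity bands exactly as this lesson states them: (low, high, level).
BANDS = [(7.0, 8.9, "High"), (4.0, 6.9, "Medium"), (1.0, 3.9, "Low")]

def level(severity):
    """Map a numeric severity to the lesson's level. Values outside the
    stated bands are flagged for review instead of being guessed."""
    for low, high, name in BANDS:
        if low <= severity <= high:
            return name
    return "Unmapped"

def triage(findings):
    """Return active findings, riskiest first.

    Sort order (an assumption of this example): severity, then how often
    the activity recurred (Service.Count), then most recent update.
    Archived findings are dropped so they do not crowd the queue.
    """
    active = [f for f in findings
              if not f.get("Service", {}).get("Archived", False)]
    ranked = sorted(
        active,
        key=lambda f: (f["Severity"],
                       f.get("Service", {}).get("Count", 1),
                       f["UpdatedAt"]),
        reverse=True,
    )
    return [(f["Id"], f["Severity"], level(f["Severity"]), f["Type"])
            for f in ranked]

# Constructed sample data shaped like GuardDuty findings (not real alerts).
SAMPLE = json.loads("""[
 {"Id":"f-001","Type":"Recon:EC2/PortProbeUnprotectedPort","Severity":2.0,
  "UpdatedAt":"2024-05-01T10:00:00Z","Service":{"Count":40,"Archived":false}},
 {"Id":"f-002","Type":"UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration.OutsideAWS",
  "Severity":8.0,"UpdatedAt":"2024-05-01T09:00:00Z","Service":{"Count":1,"Archived":false}},
 {"Id":"f-003","Type":"UnauthorizedAccess:EC2/SSHBruteForce","Severity":5.0,
  "UpdatedAt":"2024-05-01T08:00:00Z","Service":{"Count":3,"Archived":false}},
 {"Id":"f-004","Type":"CryptoCurrency:EC2/BitcoinTool.B!DNS","Severity":8.0,
  "UpdatedAt":"2024-05-01T07:00:00Z","Service":{"Count":12,"Archived":false}},
 {"Id":"f-005","Type":"Recon:EC2/PortProbeUnprotectedPort","Severity":8.0,
  "UpdatedAt":"2024-05-01T11:00:00Z","Service":{"Count":5,"Archived":true}}
]""")

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```

Sorting on the numeric score rather than the level name keeps any finding above 8.9 at the head of the queue even though this lesson does not name a level for it.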
