...

An analyst wants to detect malicious behavior in AWS. By using the GuardDuty SQS collector to send findings to Devo, the analyst obtains pre-analyzed threats. The analyst can then use GuardDuty’s threat intelligence to initiate investigations of CloudTrail logs in Devo.

GuardDuty and CloudTrail collectors should be used together to get the highest quality information from AWS.
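The pivot this use case describes, as an added example (not Devo's or AWS's own code): take the access key and remote IP from a GuardDuty finding and select the CloudTrail events that match either one inside the finding's time window. The finding and CloudTrail records are constructed samples using the AWS JSON field names; how those fields are named once ingested into Devo, and the 30-minute padding, are assumptions.

```python
from datetime import datetime, timedelta

# Constructed GuardDuty finding, trimmed to the fields used for the pivot.
FINDING = {
    "type": "UnauthorizedAccess:IAMUser/MaliciousIPCaller",
    "resource": {"accessKeyDetails": {"accessKeyId": "AKIAEXAMPLEKEY000001"}},
    "service": {
        "eventFirstSeen": "2024-05-01T10:00:00.000Z",
        "eventLastSeen": "2024-05-01T10:20:00.000Z",
        "action": {"awsApiCallAction": {
            "remoteIpDetails": {"ipAddressV4": "198.51.100.23"}}},
    },
}

def _ev(time, name, ip, key):
    """Build a constructed CloudTrail record with only the fields we match on."""
    return {"eventTime": time, "eventName": name, "sourceIPAddress": ip,
            "userIdentity": {"accessKeyId": key}}

# Constructed CloudTrail records (documentation IP ranges, fake key ids).
CLOUDTRAIL = [
    _ev("2024-05-01T09:10:00Z", "DescribeInstances", "203.0.113.5", "AKIAEXAMPLEKEY000001"),
    _ev("2024-05-01T09:45:00Z", "ListBuckets", "203.0.113.5", "AKIAEXAMPLEKEY000001"),
    _ev("2024-05-01T10:05:00Z", "CreateAccessKey", "198.51.100.23", "AKIAEXAMPLEKEY000001"),
    _ev("2024-05-01T10:15:00Z", "GetCallerIdentity", "198.51.100.23", "AKIAEXAMPLEKEY000002"),
    _ev("2024-05-01T10:30:00Z", "PutObject", "203.0.113.9", "AKIAEXAMPLEKEY000003"),
]

def _ts(value):
    # Accepts timestamps with or without fractional seconds.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def pivot(finding, events, pad_minutes=30):
    """Return (time, event name, match reasons) for CloudTrail events tied to the finding."""
    svc = finding["service"]
    key = finding["resource"].get("accessKeyDetails", {}).get("accessKeyId")
    ip = (svc.get("action", {}).get("awsApiCallAction", {})
             .get("remoteIpDetails", {}).get("ipAddressV4"))
    pad = timedelta(minutes=pad_minutes)  # assumed padding around the finding window
    start, end = _ts(svc["eventFirstSeen"]) - pad, _ts(svc["eventLastSeen"]) + pad
    hits = []
    for ev in events:
        if not start <= _ts(ev["eventTime"]) <= end:
            continue
        reasons = [label for label, match in (
            ("access_key", key and ev.get("userIdentity", {}).get("accessKeyId") == key),
            ("source_ip", ip and ev.get("sourceIPAddress") == ip)) if match]
        if reasons:
            hits.append((ev["eventTime"], ev["eventName"], reasons))
    return sorted(hits)
```

Events that match on the source IP but use a different access key are worth reviewing first, since they suggest the same caller is using more than one credential.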

...