Which solution will meet these requirements?
Configure Amazon Macie to monitor and report findings to AWS Config.
Configure Amazon Inspector to monitor and report findings to AWS CloudTrail.
Configure Amazon GuardDuty to monitor and report findings to AWS Security Hub.
Configure AWS Config to monitor and report findings to Amazon EventBridge.
Explanations:
Amazon Macie is primarily focused on data privacy and security for sensitive data in S3, but it does not continuously monitor for malicious activity across the AWS account or provide a comprehensive security dashboard. It reports findings but is not designed for broader monitoring of workloads or suspicious activity in real-time.
Amazon Inspector is a security assessment service designed to identify vulnerabilities in applications deployed on AWS. While it provides security findings, it is not focused on continuous monitoring of malicious activity in the AWS account or S3 access patterns and does not report findings to AWS CloudTrail.
Amazon GuardDuty is a continuous monitoring service that analyzes activity and identifies potential threats across AWS accounts and workloads. It provides detailed findings related to malicious activity and integrates with AWS Security Hub for reporting and visualization on a dashboard, thus meeting the requirements specified.
AWS Config is a service that tracks configuration changes in AWS resources and ensures compliance. While it can monitor resource configurations and trigger events in EventBridge, it does not specifically monitor for malicious activity or provide a dashboard for suspicious activities related to S3 access or other workloads.
I structure that the answer is:
Configure Amazon GuardDuty to monitor and report findings to AWS Security Hub.