Skip to content
AskFlorence
Main Navigation ArchitectureFlorence AIAgentsMembersAgent PlatformValidationInfrastructure

Appearance

Sidebar Navigation

Overview

Home

Glossary

System Architecture

Consumer & Agent Flow

Florence AI

Overview

Principles

Runtime

Tool surface

Adding a tool

Tool registry

Knowledge: SBC scenarios & CSR

Voice

Evals & observability

Provider risk & portability

Outage playbook

Roadmap

Build plan

Agents

Overview

Workflows & pain points

Members

Overview

Medicaid coverage gap

Carriers

Overview

Marketplaces

Overview

Agency

Overview

Regulations

Overview

Agent Platform

Overview

Auth Architecture

MongoDB Permissioning

Compliance Model

Data Models

Data Sources

Overview

CMS Marketplace API

CMS dependency map

PUF Data

State Subsidies

SBE Ingestion Playbook

SBE State Watchouts + Decisions

CA Phase C/D Playbook

NY Phase C/D Playbook

Validation

Overview

Methodology

APTC Formula

California 2026

New York 2026

CAPS Formula

Scenario Results

Infrastructure

Account Inventory

AWS Setup Runbook

AWS Organizations

CloudTrail

GuardDuty

Security Hub

Config

CloudFront + WAFv2

Data sources & ingest

Phase 4 DNS

Change Log

Vulnerability Management

MongoDB Setup

Access Control

Data Classification

Documentation Hosting

Post-deploy Smoke

Development

Preflight (local CI mirror)

Testing strategy

Compliance

Overview (auditor entry point)

SOC 2 Control Mapping

HIPAA Control Mapping

CMS EDE Appendix A Mapping

Risk Assessment

Encryption Policy

Data Retention Policy

Privacy Impact Assessment

Consent Capture & Versioning

Incident Response Plan

Access Control Policy

Marketing vs. Portal Analytics

Vendor / Subprocessor Register

Dependency Vulnerability Policy

BAA / Compliance Evidence

Compliance-Automation Integration

Compliance-Automation Vendor Evaluation

Penetration Test Reports

Architecture

Portal entry handoff

Mobile app strategy

Deferred architecture decisions

Session cookie architecture

Share flows

Decisions (ADRs)

Index

0001 — Atlas project isolation

0002 — Append-only audit log

0003 — Narrow-scoped Mongo users

0004 — Cross-cluster Atlas PrivateLink

0005 — Delayed-job architecture

0006 — Mongo user simplification

0007 — Terraform owns ECS task def

0008 — E2E testing strategy

0009 — Self-hosted analytics + observability (superseded)

0010 — PostHog HIPAA Cloud (supersedes 0009)

Runbooks

Security Incident Response

Break-Glass Root Login

Onboard Team Member

Offboard Team Member

Atlas user provisioning

Deploy via Terraform (ENG-277)

Rollback via Terraform (ENG-277)

S3 data bucket migration (planned Phase 11)

Access Reviews

2026-Q2 Review

Session log

Index

2026-04-23 — Phase 10 DNS cutover

2026-04-22 — Phase 8 prod AWS mirror

2026-04-22 — Phase 7 Atlas VPC peering

2026-04-22 — Phase 6 CloudFront + WAF

2026-04-21 — Phase 5 staging go-live

2026-04-17 — Atlas staging

Briefs

Index

Member portal plan (ENG-187)

2026-04-16/17 handoff

2026-04-17 Atlas handoff

System briefing (2026-04-17)

Creative AdBundance proposal brief

Creative AdBundance analytics brief

ElevenLabs RN integration research

Policies

Overview

On this page

GuardDuty — Org-wide threat detection ​

Status: Active since 2026-04-18, delegated admin: log-archive. Purpose: SOC 2 CC7.2 (anomalies), HIPAA §164.308(a)(1)(ii)(D), CMS EDE Phase 3 threat detection.

Summary ​

GuardDuty runs in every account in the org with auto-enrollment. Findings are centralized in the log-archive account (the delegated administrator). GuardDuty ingests VPC Flow Logs, DNS query logs, CloudTrail management events, and S3 data events to detect threat patterns.

Resources ​

ResourceValue
Delegated administrator754660694122 (log-archive)
Admin detector (log-archive)44396c0b61674ade87312ff13ab85996
Mgmt detector (self-managed)9a71698300b24e55a21a53c4d8f660a9
Finding publishing frequencyEvery 15 minutes
Auto-enrollALL (any new member account added to org is automatically protected)
Member accounts039624954211 (prod), 549136075525 (staging) — both Enabled
Features enabled (auto on new accounts)S3 data events, EBS malware protection, Runtime monitoring (ECS Fargate agent management)

Feature notes ​

  • S3 data events (S3_DATA_EVENTS) — detects unauthorized reads/writes against S3 buckets. Relevant for askflorence-data and future ECS task state buckets.
  • EBS malware protection (EBS_MALWARE_PROTECTION) — scans EBS volumes attached to EC2 for malware. Limited relevance in a Fargate-only stack but enabled as defense-in-depth.
  • Runtime monitoring (RUNTIME_MONITORING with ECS_FARGATE_AGENT_MANAGEMENT) — real-time syscall-level monitoring of Fargate tasks. Once Phase 5 lands ECS, this provides runtime threat detection inside our containers.
  • NOT enabled: EKS audit logs (we don't run EKS), RDS login events (we don't run RDS), Lambda Network Activity (we don't run Lambda), EC2 Agent Management (Fargate-only).

Feature enablement on existing detectors (retroactive, Phase 2.5) ​

The original Phase 2 org-config call set AutoEnable=NEW on the feature plans — which only auto-enrolls future member accounts, not existing ones. Phase 2.5 (2026-04-21) fixed this by pushing the three scoped features to all 4 existing detectors via update-member-detectors from the log-archive delegated admin, plus a direct update-detector on log-archive's own detector. Required enabling the malware-protection.guardduty.amazonaws.com trusted-access for Organizations first (that was the banner the console was showing).

All 4 detectors now have:

  • S3_DATA_EVENTS = ENABLED
  • EBS_MALWARE_PROTECTION = ENABLED
  • RUNTIME_MONITORING = ENABLED with sub-feature ECS_FARGATE_AGENT_MANAGEMENT = ENABLED

Intentionally NOT enabled:

  • EKS, RDS, Lambda sub-features — services we don't run.
  • Cross-account EBS Malware Protection service-role grant (separate from the EBS_MALWARE_PROTECTION feature above) — skipped deliberately. Fargate tasks have no persistent EBS volumes to scan. Documented so a future auditor sees this as an intentional scope limit, not a gap.

Malware Protection for S3 (Phase 2.5) ​

Separate GuardDuty product, scoped specifically to the agent-uploaded PDF surface.

  • Plan ID: d4ced6e0c14fe707c26d (mgmt account 778477254880)
  • Status: ACTIVE
  • Protected resource: S3 bucket askflorence-data, object prefix agent-survey-uploads/
  • Action on detection: object tagging (GuardDutyMalwareScanStatus=THREATS_FOUND or NO_THREATS_FOUND). A future EventBridge rule (Phase 11) forwards THREATS_FOUND to alerting.
  • Custom IAM role: GuardDutyMalwareProtectionS3Role in mgmt. Trust limited to malware-protection-plan.guardduty.amazonaws.com with aws:SourceAccount == 778477254880 condition. Scan permissions scoped to the agent-survey-uploads/ prefix only. Also has kms:GenerateDataKey/Decrypt/DescribeKey on alias/askflorence-data so SSE-KMS objects can be scanned.
  • Smoke-tested 2026-04-21: blank PDF upload via /api/agents/discovery/upload → scan tag applied within ~60 seconds, value NO_THREATS_FOUND.

If malware is ever found, the object stays in S3 but the tag alerts ops (and eventually EventBridge). Manual deletion per the PHI section in ../runbooks/s3-agent-survey-uploads.md.

Where findings go ​

  • GuardDuty console in log-archive account aggregates findings across the org.
  • Security Hub (delegated admin also = log-archive) ingests GuardDuty findings automatically, so they appear in the SH console too.
  • EventBridge (future): a rule that forwards critical findings to PagerDuty or Slack. Will be added in Phase 11.

SCP protection ​

ScpBaseline denies:

  • guardduty:DeleteDetector
  • guardduty:DeleteMembers
  • guardduty:DisassociateFromMasterAccount
  • guardduty:DisassociateMembers
  • guardduty:StopMonitoringMembers

All member accounts are blocked from disabling GuardDuty or leaving the org detector.

Costs ​

Variable — GuardDuty bills on VPC Flow Log bytes, DNS queries, CloudTrail event volume, S3 data events. Pre-launch estimate: $4–8/mo. Scales with traffic.

Runbook ​

  • aws guardduty list-findings --detector-id <id> — pull findings.
  • aws guardduty get-organization-configuration --detector-id <id> — confirm auto-enroll.
  • aws guardduty list-members --detector-id <id> — confirm member account status.
  • Recommended weekly: review Security Hub summary page in log-archive for aggregated findings.
Pager
Previous pageCloudTrail
Next pageSecurity Hub

AskFlorence Internal Documentation. Not for public distribution.

AskFlorence

Internal Documentation

Access restricted. Not for public distribution.