AWS GuardDuty and CloudSploit Events are complementing services. AWS GuardDuty provides machine-learning-based predictions of activity within an AWS account to detect malicious activity. CloudSploit Events provides analysis of the same events to compare against security best practices and known attack patterns. By way of example, GuardDuty may detect EC2 instances being launched to mine cryptocurrency based on network calls, while CloudSploit Events may detect that a known user launched a new EC2 instance with insecure security groups.