I would assess the integration of AWS GuardDuty with Threat Intelligence as majorly positive; no threat intelligence is 100% accurate, and there are a few false positives, but as a security engineer, this must be accepted, and overall, the response and service is good for us. We do not directly use AWS GuardDuty dashboard by itself, as we have our own integrated security dashboard; AWS GuardDuty gives the feed to that dashboard, and it's giving us a satisfactory view of how the security landscape looks. We use metrics such as zero-day threats, any malicious traffic, and any traffic which originates from OFAC countries to measure its effectiveness, as we are majorly into a financial institution, as any traffic that is from a malicious IP or a rogue device. I don't see any significant negative points regarding AWS GuardDuty; it's a good product to have if you're a cloud consumer. I rate AWS GuardDuty nine out of ten overall.
