Here is why you need AWS CloudTrail logs and Guardduty alerts enabled to keep your cloud environment safe. If you want to take it step further use a tool like WIZ which is a cloud-native application protection platform (CNAPP)