Amazon GuardDuty has added new functionality to its integration with AWS Organizations to make it even simpler to enforce threat detection across all accounts in an organization. Since April 2020, GuardDuty customers can leverage its integrations with AWS Organizations to manage GuardDuty for up to 5,000 AWS accounts, as well as automatically apply threat detection coverage to new accounts added to the organization. In some case, this could still result in coverage gaps, for example, if GuardDuty was not applied to all existing accounts, or if it was unintentionally suspended in individual accounts. Now with a few steps in the GuardDuty console, or one API call, delegated administrators can enforce GuardDuty threat detection coverage for their organization by automatically applying the service to all existing and new accounts, as well as automatically identifying and remediating potential coverage drift. To learn more, see the Amazon GuardDuty account management User Guide.