I find it telling that this advertisement pretty much stops at "now you get an alert". Ok, so what?
Sure, it's nice to know that someone, somewhere is footprinting your S3 buckets. You might event get some idea of the location their infrastructure. And what exactly are you going to do with that information? As the advertisement rightly points out:
The traditional response to unauthenticated S3 bruteforce enumeration was "there's nothing we can do about that." Unauthenticated OSINT was accepted as undetectable background noise.
And this doesn't offer anything to change that. It's still background noise, it's just cluttering up your incident queue now with unactionable alerts. At best, this gets automated to add the IP address to a firewall blocklist. You know, the sort of thing Fail2Ban has been doing for decades, is open source, and free. Of course, the attacker is probably going to rotate IPs, or just use a different bit of infrastructure, to launch attacks from. So, it's not terribly helpful. You're just going to end up black-holing half of AWS/Azure, all of OHV and maybe the odd IP out of former Soviet Block countries which weren't already blocked entirely based on geoIP.
This is one of those neat tech demos, which is probably best left to companies like GreyNoise and the rest of us just subscribe to their blocklists.