Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Learn
- Blogs
- A Real-World Look at AWS Best Practices: Logging
A Real-World Look at AWS Best Practices: Logging
jhwong
Moderator
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
09-23-2021
05:19 PM
Check out our latest blog series on AWS Best Practices on Logging!
Although CloudTrail is a well-trodden subject for AWS Security, there were still a few interesting findings among a slice of our customer base:
- Enable VPC flow logs: 81% of VPCs do not have VPC flow logging enabled, which will hinder incident response and investigations.
- Encrypt CloudTrail logs at rest: 91% of CloudTrail logs are not encrypted at rest. Encryption at rest supports data compliance controls and is easy to do.
- Ensure S3 bucket access logging is enabled for CloudTrail buckets: 41% of CloudTrail buckets do not have server access logging enabled. Logging should be enabled for all CloudTrail S3 buckets.
- Ensure CloudTrail logs are integrated with CloudWatch or a SIEM: 54% of CloudTrails are not integrated with CloudWatch. These should be reviewed to ensure they are integrated with a production log search service or SIEM.
If your AWS accounts fall into these categories, let us know more about whether costs, security risk of assets, alternative controls/products, or other factors play into these controls from the CIS benchmark.
Share your response in the comments below!
Labels:
Article Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Labels
-
AWS
7 -
CSPM
4 -
csa
4 -
cloud threat exchange
3 -
cloud exchange
3 -
guide
3 -
oauth
2 -
sso
2 -
best practice
2 -
IaC
2 -
NPA
2 -
Terraform
2 -
Netskope Threat Labs
2 -
Infrastructure as Code
2 -
Netskope Private Access
2 -
APIv2
2 -
CCI
2 -
API
2 -
docker
1 -
applications
1 -
risk
1 -
okta
1 -
ip allow lists
1 -
phishing oauth
1 -
malware
1 -
ransomware
1 -
technology partner
1 -
networking
1 -
Azure
1 -
Amazon Web Serivces
1 -
Log4j
1 -
Attack Surface Management
1 -
CASB
1 -
vulnerability
1 -
Threat and Vulnerability Management
1 -
cve
1 -
ASM
1 -
User Group
1 -
App tagging
1 -
TVM
1 -
Sanctioned apps
1 -
NPA Windows Autopilot
1 -
Managed apps
1 -
compliance
1
Related Content
Popular Articles
Here are some of the popular articles from this blog.
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In