Netskope Community
09-23-2021 04:24 PM
We've continued our blog series on AWS Best Practices, and just published: https://www.netskope.com/blog/a-real-world-look-at-aws-best-practices-logging . Although CloudTrail is a well-trodden subject for AWS Security, there were still a few interesting findings among a slice of our customer base:
If your AWS accounts fall into these categories, we'd like to understand more about whether costs, security risk of assets, alternative controls/products, or other factors play into these controls from the CIS benchmark?
As an example, although encryption at rest using AWS managed keys may not buy a lot from a security-viewpoint, it does from a compliance viewpoint. If the cost is free to negligible, what prevents an organization from encrypting CloudTrail logs at rest on the respective S3 bucket?
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In