Logging and monitoring

Audit log retention period is not set to 365 days

Platform(s)
  • Oracle Cloud Infrastructure

Compliance Frameworks

CCPA, CPRA, hdh, ISO 27001:2022, ISO 27002:2022, MITRE ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, OCI CIS, PDPA, PIPEDA

Description

Log retention controls how long activity logs are retained. Studies have shown that the Mean Time to Detect (MTTD) a cyber breach ranges from 30 days in some sectors to up to 206 days in others. It was detected that the audit retention period under tenancy {OciIdentityCompartment.Name} is not set to 365 days. Retaining logs for at least 365 days will provide the ability to respond to incidents.
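
One way to run this check by hand, as an added example that is not part of the original rule: the Python below evaluates the JSON that `oci audit config get` prints for a tenancy and reports whether retention meets the 365 days the rule expects. The sample outputs and tenancy names are constructed, and the function names are hypothetical.

```python
import json

REQUIRED_DAYS = 365  # retention value this rule expects

# Constructed sample outputs of `oci audit config get --compartment-id <tenancy OCID>`,
# keyed by made-up tenancy names.
SAMPLES = {
    "tenancy-a": '{"data": {"retention-period-days": 365}}',
    "tenancy-b": '{"data": {"retention-period-days": 90}}',
    "tenancy-c": '{"data": {}}',
}

def evaluate_audit_retention(tenancy, cli_json):
    """Return a finding dict with status PASS, FAIL or ERROR for one tenancy."""
    finding = {"tenancy": tenancy, "days": None}
    try:
        days = json.loads(cli_json)["data"]["retention-period-days"]
    except (ValueError, KeyError, TypeError):
        # Unparseable output or missing field: report it, never assume compliance.
        return {**finding, "status": "ERROR", "detail": "retention period not readable"}
    if isinstance(days, bool) or not isinstance(days, int):
        return {**finding, "status": "ERROR", "detail": "retention period is not an integer"}
    finding["days"] = days
    if days >= REQUIRED_DAYS:
        return {**finding, "status": "PASS", "detail": "retention meets the rule"}
    return {
        **finding,
        "status": "FAIL",
        "detail": f"retention is {days} days, rule expects {REQUIRED_DAYS}",
        # Fix with the OCI CLI; the tenancy OCID is left as a placeholder.
        "remediation": "oci audit config update --compartment-id <tenancy OCID> "
                       f"--retention-period-days {REQUIRED_DAYS}",
    }

def evaluate_all(samples):
    """Evaluate every captured CLI output and return the findings in order."""
    return [evaluate_audit_retention(name, out) for name, out in samples.items()]

if __name__ == "__main__":
    for f in evaluate_all(SAMPLES):
        print(f["tenancy"], f["status"], f["detail"])
```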