Logging and monitoring

Audit log retention period is not set to 365 days

Platform(s)
  • Oracle Cloud Infrastructure

Compliance Frameworks
  • CCPA
  • CPRA
  • hdh
  • iso_27001_2022
  • iso_27002_2022
  • Mitre ATT&CK
  • New Zealand Information Security Manual
  • NIST 800-171
  • NIST 800-53
  • OCI CIS
  • PDPA
  • pipeda

Description

Log retention controls how long activity logs are kept. Studies have shown that the mean time to detect (MTTD) a cyber breach ranges from 30 days in some sectors to as many as 206 days in others. The audit log retention period for tenancy {OciIdentityCompartment.Name} is not set to 365 days. Retaining logs for at least 365 days ensures they are still available when an incident is detected and needs a response.
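
An added example (not part of the original rule text): a Python check that evaluates the JSON printed by `oci audit config get --compartment-id <tenancy OCID>` and reports which of the detection times cited above would fall outside the retained window. It assumes the CLI's `data.retention-period-days` output shape; the function name, tenancy names and sample outputs are constructed for illustration.

```python
import json

REQUIRED_DAYS = 365          # retention the rule expects
CITED_MTTD_DAYS = (30, 206)  # detection times quoted in the description


def evaluate_audit_retention(tenancy_name, cli_output):
    """Turn captured `oci audit config get` output into a finding."""
    try:
        days = json.loads(cli_output)["data"]["retention-period-days"]
    except (ValueError, KeyError, TypeError):
        days = None  # empty, truncated or unexpected output
    if isinstance(days, bool) or not isinstance(days, int):
        # Unreadable configuration is reported, never treated as a pass.
        return {"tenancy": tenancy_name, "status": "UNKNOWN",
                "retention_days": None,
                "uncovered_mttd_days": list(CITED_MTTD_DAYS)}
    return {
        "tenancy": tenancy_name,
        "status": "PASS" if days >= REQUIRED_DAYS else "FAIL",
        "retention_days": days,
        # Cited detection times that fall outside the retained window:
        # a breach found that late would have no audit trail of its start.
        "uncovered_mttd_days": [m for m in CITED_MTTD_DAYS if days < m],
    }


# Constructed sample outputs (tenancy names and values are illustrative).
SAMPLES = {
    "tenancy-a": '{"data": {"retention-period-days": 90}}',
    "tenancy-b": '{"data": {"retention-period-days": 365}}',
    "tenancy-c": "",  # e.g. the CLI call failed and printed nothing
}

if __name__ == "__main__":
    for name, output in SAMPLES.items():
        print(evaluate_audit_retention(name, output))
```

A failing tenancy is brought in line with `oci audit config update --compartment-id <tenancy OCID> --retention-period-days 365`.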