Key Vault actions not logged
Monitoring how and when key vaults are accessed, and by whom enables an audit trail of interactions with confidential information,...
Blog
No monitoring for Audit Configuration changes
Configuring the metric filter and alerts for audit configuration changes ensures the recommended state of audit configuration is maintained so...
ELB Access Log is Disabled
Ensure ELB access log is enabled, In order to maintain visibility to changes
Project with Cloud Asset Inventory API disabled
GCP Cloud Asset Inventory is a service that provides a historical view of GCP resources and IAM policies through a...
EKS control plane logging is disabled
EKS control plane logging is disabled on {AwsEksCluster} cluster. EKS control plane logging provides audit and diagnostic logs. These logs...
SQL server audit retention less than 90 days
Audit logs retention period is less than 90 days for {AzureSqlDbServer} SQL db. Audit Logs can be used to check...
Enhanced instance metadata service (IMDSv2) is not enforced
The use of IMDSv2, the enhanced version of the Instance Metadata Service, is not enforced on the EC2 instance {AwsEc2Instance}...
ACM certificate without Transparency Logging
We have found an ACM certificate ('{AwsCertificate}') without transparency logging enabled. To guard against SSL/TLS certificates that are issued by...
Log monitoring is not set up for unauthorized API calls
Log Service is a real-time data logging service that supports collection, consumption, shipping, search, and analysis of logs. It was...