Logging and monitoring

ACM certificate without Transparency Logging

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

We have found an ACM certificate ('{AwsCertificate}') without transparency logging enabled. To guard against SSL/TLS certificates that are issued by mistake or by a compromised CA, some browsers require that public certificates issued for your domain be recorded in a certificate transparency log.

  • Recommended Mitigation

    Enable transparency logging for all ACM certificates

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.