ACM certificate without Transparency Logging

Logging and monitoring

ACM certificate without Transparency Logging

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
hdh
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA

Description

We have found an ACM certificate ('{AwsCertificate}') without transparency logging enabled. To guard against SSL/TLS certificates that are issued by mistake or by a compromised CA, some browsers require that public certificates issued for your domain be recorded in a certificate transparency log.

Recommended Mitigation

Enable transparency logging for all ACM certificates

ACM certificate without Transparency Logging

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS