Vendor services misconfigurations

CloudFront distributions logging is disabled

Platform(s)
Compliance Frameworks
  • AWS Foundational Security Best Practices Controls
    • ,
  • Brazilian General Data Protection (LGPD)
    • ,
  • CCM-CSA
    • ,
  • CCPA
    • ,
  • CPRA
    • ,
  • GDPR
    • ,
  • hdh
    • ,
  • HITRUST
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • PDPA
    • ,
  • UK Cyber Essentials

Description

We have found that server access logging is disabled for CloudFront Distribution {AwsCloudFront}. Amazon CloudFront is a high-performance content delivery network (CDN) service that securely delivers data, videos, apps, and APIs to customers around the world with low latency and high transfer speeds. The Amazon CloudFront distribution have server access logging option. CloudFront access logs contain complete information about each user request received by CloudFront.
Need help?

Get a free Security Risk Assessment. Start today

Demo the Orca Platform

In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

Get a Demo