Logging and monitoring

Log monitoring is not set up for unauthorized API calls

Platform(s)
Compliance Frameworks
  • AliCloud CIS
  • ,
  • Brazilian General Data Protection (LGPD)
  • ,
  • CCPA
  • ,
  • CPRA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • hdh
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • Mitre ATT&CK
  • ,
  • mpa
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • PDPA

Description

Log Service is a real-time data logging service that supports collection, consumption, shipping, search, and analysis of logs. It was detected that log monitoring and alarm are not set up for unauthorized API calls. Monitoring unauthorized API calls will aid in the detection of application errors and may reduce the time required to detect malicious activity.