Logging and monitoring

Network security group flow log retention period is less than 90 days or disabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Logs can be used to check for anomalies and give insight into suspected breaches. Flow logs on network watcher {AzureNetworkFlowLog} has to be enabled and retention set to 90 days or more. It will allow you to capture information about IP traffic flowing in and out of network security groups.

  • Recommended Mitigation

    Consider enabling flow logs with a retention period of 90 days or greater.

Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.