Network security group flow log retention period is less than 90 days

Logging and monitoring

Network security group flow log retention period is less than 90 days

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Azure CIS
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
hdh
HITRUST
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA

Description

Logs can be used to check for anomalies and give insight into suspected breaches. Flow logs on network watcher {AzureNetworkFlowLog} has to be enabled and retention set to 90 days or more. It will allow you to capture information about IP traffic flowing in and out of network security groups.

Recommended Mitigation

Consider configure flow logs with a retention period greater than 90 days, or 0 if you want to retain data forever and do not want to apply any retention policy.

Network security group flow log retention period is less than 90 days

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS