No monitoring for VPC Network Firewall rule changes

Logging and monitoring

No monitoring for VPC Network Firewall rule changes

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GCP CIS
GDPR
hdh
HITRUST
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Monitoring for Create or Update Firewall rule events gives insight to network access changes and may reduce the time it takes to detect suspicious activity.

Recommended Mitigation

In the User-defined Metrics section, ensure that at least one metric is present with filter text: resource.type=""gce_firewall_rule"" AND jsonPayload.event_subtype=""compute.firewalls.patch"" OR jsonPayload.event_subtype=""compute.firewalls.insert""

No monitoring for VPC Network Firewall rule changes

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS