Logging and monitoring

Network security group flow log retention period is less than 90 days or disabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks
  • Azure CIS

Description

Logs can be used to check for anomalies and give insight into suspected breaches. Flow logs on network watcher {AzureNetworkFlowLog} has to be enabled and retention set to 90 days or more. It will allow you to capture information about IP traffic flowing in and out of network security groups.
  • Recommend icon

    Recommended Mitigation

    Consider enabling flow logs with a retention period of 90 days or greater.

Need help?

Get a free Security Risk Assessment. Start today

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo