💼 4.6 Ensure AWS Management Console authentication failures are monitored - Level 2 (Manual)
- ID:
/frameworks/cis-aws-v3.0.0/04/06
Description
Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs, or an external Security information and event management (SIEM) environment, and establishing corresponding metric filters and alarms.
It is recommended that a metric filter and alarm be established for failed console authentication attempts.
Similar
- Sections
/frameworks/cis-aws-v4.0.0/04/06/frameworks/cis-aws-v2.0.0/04/06
- Internal
- ID:
dec-c-a1de0042
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v2.0.0 → 💼 4.6 Ensure AWS Management Console authentication failures are monitored - Level 2 (Manual) | 1 | no data | |||
| 💼 CIS AWS v4.0.0 → 💼 4.6 Ensure AWS Management Console authentication failures are monitored (Manual) | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v2.0.0 → 💼 4.6 Ensure AWS Management Console authentication failures are monitored - Level 2 (Manual) | 1 | no data | |||
| 💼 CIS AWS v4.0.0 → 💼 4.6 Ensure AWS Management Console authentication failures are monitored (Manual) | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudTrail Management Console Authentication Failures Monitoring is not enabled🟢⚪ | 🟢 x2, ⚪ x1 | no data |