💼 5.10 Ensure security group changes are monitored (Manual)
- ID:
/frameworks/cis-aws-v7.0.0/05/10
Stats
not available
Description
Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs or an external Security Information and Event Management (SIEM) environment, and establishing corresponding metric filters and alarms.
Security groups are stateful packet filters that control ingress and egress traffic within a VPC.
It is recommended that a metric filter and alarm be established to detect changes to security groups.
Similar
- Sections
/frameworks/cis-aws-v6.0.0/05/10
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v6.0.0 → 💼 5.10 Ensure security group changes are monitored (Manual) | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v6.0.0 → 💼 5.10 Ensure security group changes are monitored (Manual) | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudTrail Security Group Changes Monitoring is not enabled🟢⚪ | 🟢 x2, ⚪ x1 | no data |