CloudTrail 漏洞列表

Ensure Amazon CloudTrail trails log S3 data events to monitor object-level operations like GetObject, DeleteObject, and PutObject.

Ensures AWS CloudTrail is enabled in all regions to monitor and record account activity across your AWS infrastructure, enhancing security and compliance.

Ensure CloudTrail logging is configured to prevent duplicate recording of global service events across multiple trails.

Ensure Amazon CloudTrail trails are configured to capture both regional and global API activity for enhanced security and compliance in your AWS account.

Ensure Amazon CloudTrail logs are integrated with CloudWatch Logs for real-time monitoring and analysis.

Ensure CloudTrail log file integrity validation is enabled to detect unauthorized file modifications.

Ensure Amazon CloudTrail logs are encrypted at rest using AWS Key Management Service (KMS) to secure log data.

Ensure Amazon CloudTrail buckets have MFA Delete enabled to protect log file deletion.

Ensures Amazon CloudTrail trails are configured to log management events, capturing crucial API calls and console actions for security and audit purposes.

Identifies AWS CloudTrail S3 buckets that are publicly accessible, risking exposure of sensitive log data.

Ensure AWS CloudTrail logs are captured in S3 buckets with Server Access Logging enabled for audit and forensic purposes.

Ensure Amazon CloudTrail S3 buckets have Object Lock enabled to prevent log deletion and ensure regulatory compliance.