AWS whitepapers documentation change
Summary
Updated 'ELB logs' to 'Elastic Load Balancing logs' in detective controls section
Security assessment
Consistency change in log naming conventions. No modification to security controls or vulnerability guidance. Logging recommendations remain identical.
Diff
diff --git a/whitepapers/latest/aws-caf-security-perspective/threat-detection.md b/whitepapers/latest/aws-caf-security-perspective/threat-detection.md index 34fd45bc2..0be1da255 100644 --- a//whitepapers/latest/aws-caf-security-perspective/threat-detection.md +++ b//whitepapers/latest/aws-caf-security-perspective/threat-detection.md @@ -27 +27 @@ When creating _directive_ , _preventative_ , _detective_ , and _responsive_ cont - * [ELB logs](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html) + * [Elastic Load Balancing logs](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html) @@ -50 +50 @@ Enabling detective controls on an AWS account or across AWS Organizations should -Using automation for the deployment of detective controls and logging services will allow the threat detection team to match the growth as an organization expands and creates new accounts. Tools like [Assisted Log Enabler for AWS](https://aws.amazon.com/blogs/opensource/introducing-assisted-log-enabler-for-aws/) give threat detection teams the ability to enable and audit [AWS CloudTrail logs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-examples.html), [Amazon Elastic Kubernetes Service (Amazon EKS) logs](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html), Amazon Route 53 resolver query logs, ELB logs, Amazon S3 server access logs, and VPC Flow Logs across accounts, within a single account, or across AWS Organizations. +Using automation for the deployment of detective controls and logging services will allow the threat detection team to match the growth as an organization expands and creates new accounts. Tools like [Assisted Log Enabler for AWS](https://aws.amazon.com/blogs/opensource/introducing-assisted-log-enabler-for-aws/) give threat detection teams the ability to enable and audit [AWS CloudTrail logs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-examples.html), [Amazon Elastic Kubernetes Service (Amazon EKS) logs](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html), Amazon Route 53 resolver query logs, Elastic Load Balancing logs, Amazon S3 server access logs, and VPC Flow Logs across accounts, within a single account, or across AWS Organizations.