AWS prescriptive-guidance documentation change
Summary
Expanded logging controls with implementation specifics (e.g., 'Prevent unauthorized access to CloudTrail logs').
Security assessment
Strengthens documentation about securing audit logs and monitoring configurations but does not address a specific vulnerability.
Diff
diff --git a/prescriptive-guidance/latest/security-controls-by-caf-capability/logging-and-monitoring-controls.md b/prescriptive-guidance/latest/security-controls-by-caf-capability/logging-and-monitoring-controls.md index 79368772e..34aa657d6 100644 --- a//prescriptive-guidance/latest/security-controls-by-caf-capability/logging-and-monitoring-controls.md +++ b//prescriptive-guidance/latest/security-controls-by-caf-capability/logging-and-monitoring-controls.md @@ -7 +7 @@ -CloudTrail multi-Region trailService and application loggingCentralized loggingAccess to CloudTrail log filesAlerts for security groups or network ACL changesAlerts for CloudWatch alarms +Configure at least one multi-Region trail in CloudTrailConfigure logging at the service and application levelEstablish a centralized location for analyzing logs and responding to security eventsPrevent unauthorized access to S3 buckets that contain CloudTrail log filesConfigure alerts for changes to security groups or network ACLsConfigure alerts for CloudWatch alarms that enter the ALARM state @@ -13 +13 @@ Logging and monitoring are important aspects of threat detection. Threat detecti -###### Controls in this section: +Controls in this section: