AWS Security Blog

Tag: Logging

How US federal agencies can use AWS to improve logging and log retention

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. This post is part of a series about how Amazon Web Services (AWS) can help your US federal agency meet the requirements of the President’s Executive Order on Improving the Nation’s Cybersecurity. You will learn how you can use AWS […]

Read More

Automate Amazon Athena queries for PCI DSS log review using AWS Lambda

In this post, I will show you how to use AWS Lambda to automate PCI DSS (v3.2.1) evidence generation, and daily log review to assist with your ongoing PCI DSS activities. We will specifically be looking at AWS CloudTrail Logs stored centrally in Amazon Simple Storage Service (Amazon S3) (which is also a Well-Architected Security […]

Read More

Enable automatic logging of web ACLs by using AWS Config

In this blog post, I will show you how to use AWS Config, with its auto-remediation functionality, to ensure that all web ACLs have logging enabled. The AWS CloudFormation template included in this blog post will facilitate this solution, and will get you started being able to manage web ACL logging at scale. AWS Firewall […]

Read More

Alerting, monitoring, and reporting for PCI-DSS awareness with Amazon Elasticsearch Service and AWS Lambda

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Logging account activity within your AWS infrastructure is paramount to your security posture and could even be required by compliance standards such as PCI-DSS (Payment Card Industry Security Standard). Organizations often analyze these logs to adapt to changes and respond […]

Read More

Amazon QuickSight Now Supports Audit Logging with AWS CloudTrail

Amazon QuickSight democratizes business intelligence, making it easier and cheaper for you to provide advanced business analytics capabilities to everyone in your organization. Amazon QuickSight also enables you to understand your business better and helps you make data-driven decisions more quickly. However, determining who has access to which data in your organization can still be […]

Read More

New Whitepaper: Security at Scale: Logging in AWS

The newly released Security at Scale: Logging in AWS whitepaper is designed to illustrate how AWS CloudTrail can help you meet compliance and security requirements through the logging of API calls. The API call history can be used to track changes to resources, perform security analysis, operational troubleshooting and as an aid in meeting compliance […]

Read More