Support
 
Phone Get Quote
 
Support
 
US Sales: +1 888 720 9500
US Support: +1 844 245 1108
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: + 1 408 454 4213

 
 

AWS security group change auditing

An AWS security group functions like a firewall, providing security at the protocol and port access levels. Rules added to a security group allow traffic to or from the security group's associated instances. These rules can be modified at any time and are automatically applied to all instances that are associated with the security group.

Accidentally adding a malicious IP address to a security group can result in a security fiasco. With so much at stake, keeping track of every security group change is of utmost importance. Cloud Security Plus offers reports on security group changes, enabling security administrators to quickly detect anomalies and mitigate threats.

Reports on security group changes

These reports provide information on security group changes, including details about the event, the user who made the change, and the source IP from which the change was made. These reports track a number of security group changes, including:

Amazon Relational Database Service (RDS) activity reporting

  • Created security groups.
  • Deleted security groups.
  • Security group configuration changes.
  • Authorized security group ingress and egress.
  • Revoked security group ingress and egress.
  • Network gateway changes.
  • Network Access Control List (ACL) changes.

Are you looking for a unified SIEM solution that can help you detect anomalies and mitigate threats with AWS security group change auditing? Try Log360 today!

  Free 30-day trial  Request demo
© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.