As security threats continue to evolve, we want to ensure that you are adhering to up-to-date compliance requirements and security best practices in the public cloud. Some of the security compliance standards, such as CIS AWS Benchmarks 1.1.0, require that log metric filters and alarms exist.

For example: “Ensure a log metric filter and alarm exist for CloudTrail configuration”

Is part of the Section 3.5 of the AWS CIS Foundations Benchmark.In addition this control is relevant to the following compliance frameworks:

Compliance Framework NIST 800-53 Rev 4 PCI 3.2 GDPR HIPAA
Control/Section SI-4, AU-6 10.5, 10.6 Article 30 164.312(b)

 

Previously, if an SNSSubscriber returned false, identifying the reason for the failure was a complex task, since there are multiple possible configurations that could be the cause of the failure. Now, with the expanded information on SNS Subscriptions, those additional fields are included. In summary:

– Entities included attribute: hasSNSSubscriber

– Expanded the metric filters structure to better troubleshoot SNS subscriptions – now you can view the exact configurations via the JSON view in our Compliance Engine screens.

– Included the metric filter transformations to have the alarms attached to them.

– Ensured each alarm has actions and each action has the SNS Subscriptions regarding its topic ARN

Stay tuned for further updates!