Automated remediation level 1: Lock down fundamentals


Non-calamitous conclusions


When teams work in silos, they can often have different interpretations of the same data. There’s no way to leverage the real benefits of automated remediation if this is your reality. Visibility across teams is a critical part of building a shared data set from which everyone can come to the same conclusions. Once this understanding and trust between teams is achieved, you might be ready to get into the particulars of automated remediation.


In the 4 Levels of Automated Remediation Introduction, we introduced the different levels of automated remediation. We discussed how the simple act of automating notifications for events can help keep security personnel honest when it comes to ensuring a proper workflow is maintained. Now, let’s explore the first of the 4 levels of automated remediation.


Logs on, rock on


Properly securing a new cloud account includes calibrating fundamentals. With AWS, these might include:


For CloudTrail: Ensuring all logs are aggregated to a central bucket and all regions are logging
For S3 buckets: Enabling versioning, logging, and server-side encryption
For EBS: Ensuring all volumes associated with an instance are tagged
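
The three checks above can be expressed as one audit pass. The following is an added example, not code from the original article or from any vendor: it runs over a constructed snapshot whose keys mirror the AWS `describe_trails`, `get_bucket_versioning`/`get_bucket_logging`/`get_bucket_encryption` and `describe_volumes` responses, and the bucket, trail and volume names are assumptions.

```python
# Added example: audit a snapshot of AWS settings against the level 1 checks.
# Keys mirror describe_trails, get_bucket_* and describe_volumes responses.
CENTRAL_BUCKET = "org-central-trail-logs"  # assumed central log bucket name

SNAPSHOT = {  # constructed sample data, not from a real account
    "trails": [
        {"Name": "org-trail", "S3BucketName": CENTRAL_BUCKET, "IsMultiRegionTrail": True},
        {"Name": "dev-trail", "S3BucketName": "dev-scratch", "IsMultiRegionTrail": False},
    ],
    "buckets": {
        "app-data": {
            "versioning": {"Status": "Enabled"},
            "logging": {"LoggingEnabled": {"TargetBucket": "org-access-logs"}},
            "encryption": {"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]},
        },
        "legacy-uploads": {"versioning": {"Status": "Suspended"}, "logging": {}, "encryption": None},
    },
    "volumes": [
        {"VolumeId": "vol-0aaa", "Attachments": [{"InstanceId": "i-0111"}],
         "Tags": [{"Key": "owner", "Value": "web"}]},
        {"VolumeId": "vol-0bbb", "Attachments": [{"InstanceId": "i-0222"}]},  # attached, untagged
        {"VolumeId": "vol-0ccc", "Attachments": []},  # unattached: outside this check
    ],
}

def audit(snapshot, central_bucket=CENTRAL_BUCKET):
    """Return sorted (resource, gap) pairs for every fundamental that is not in place."""
    gaps = []
    if not snapshot.get("trails"):
        gaps.append(("cloudtrail", "no trail configured"))
    for trail in snapshot.get("trails", []):
        if trail.get("S3BucketName") != central_bucket:
            gaps.append((trail["Name"], "trail not delivering to central bucket"))
        if not trail.get("IsMultiRegionTrail"):
            gaps.append((trail["Name"], "trail not logging all regions"))
    for name, cfg in snapshot.get("buckets", {}).items():
        if (cfg.get("versioning") or {}).get("Status") != "Enabled":
            gaps.append((name, "versioning not enabled"))
        if "LoggingEnabled" not in (cfg.get("logging") or {}):
            gaps.append((name, "access logging not enabled"))
        if not (cfg.get("encryption") or {}).get("Rules"):
            gaps.append((name, "no default server-side encryption rule"))
    for vol in snapshot.get("volumes", []):
        if vol.get("Attachments") and not vol.get("Tags"):
            gaps.append((vol["VolumeId"], "attached volume has no tags"))
    return sorted(gaps)

if __name__ == "__main__":
    for resource, gap in audit(SNAPSHOT):
        print(f"{resource}: {gap}")
```

Each reported gap is a candidate for an automated fix or a notification, and a suspended versioning state is treated the same as versioning never having been enabled.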

Enabling these fundamental configurations and logging has benefits such as easier investigation of security events. With InsightIDR, for example, you can create automatic workflows for investigations and easily search logs to detect and respond to threats. Thus, it’s in the organization's best interest to perform thorough and extensive logging.


Anything for integrations


Continuing with AWS use cases, InsightIDR is deeply integrated with critical servic ..
