BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage AWS CloudTrail Content on InfoQ

News

RSS Feed
  • Non-Production Endpoints as an Attack Surface in AWS

    The security team at Datadog recently disclosed a security issue on AWS where non-production endpoints were used as an attack surface to silently perform permission enumeration. AWS has since remediated these specific bypasses.

  • AWS Patches Undocumented APIs Bypassing CloudTrail Event Logging

    AWS recently patched undocumented IAM APIs that bypassed CloudTrail logging. The vulnerability allowed a malicious user to perform reconnaissance activities on IAM without recording events in CloudTrail or being detected by Amazon GuardDuty.

  • Runtime Security Project Falco Adds Extensible Plugin Framework

    Falco, a cloud-native runtime security project, has released version 0.31.0. This release introduces a new plugin system for defining additional event sources and event extractors to Falco. The plugin system includes SDKs to simplify development and this release ships with a new AWS CloudTrail plugin.

  • AWS Releases Fully-Managed Data Lake for CloudTrail Logs

    AWS announced the release of CloudTrail Lake, a fully-managed data lake for storing and analyzing CloudTrail logs. CloudTrail Lake can aggregate logs across regions and accounts. Once in the lake, the logs can be queried using SQL syntax.

  • AWS Config Gains Cross-Account, Cross-Region Data Aggregation

    Amazon Web Services (AWS) recently added the capability to aggregate compliance data produced by AWS Config rules across multiple accounts and/or regions to enable centralized auditing and governance of AWS resources. A new aggregated dashboard view displays non-compliant rules across the organization. Users can then drill down to view details about resources that are violating any rules.

  • Amazon Introduces AWS Batch Preview

    At the recent AWS Re:Invent event, Amazon announced a new preview service, called AWS Batch. AWS Batch allows organizations to optimize their scheduling and workload execution across a cloud-based landscape. Amazon has built this service in response to many AWS customers building their own batch platforms using EC2 instances, containers and CloudWatch.

  • Amazon CloudWatch Supports JSON Logs and Integrates AWS CloudTrail

    Shortly after releasing the AWS CloudTrail Processing Library (CPL), Amazon Web Services has also integrated AWS CloudTrail with Amazon CloudWatch Logs to enable alarms and respective "notifications from CloudWatch, triggered by specific API activity captured by CloudTrail". The implied support for monitoring JSON-formatted logs has recently been officially released as well.

  • AWS Releases CloudTrail Processing Library

    Amazon Web Services (AWS) recently released the AWS CloudTrail Processing Library (CPL), a "Java client library that makes it easy to build an application that reads and processes CloudTrail log files in a fault tolerant and highly scalable manner".

  • AWS CloudTrail Expands Auditing of API Calls

    Amazon Web Services (AWS) has considerably increased the number of services supported by AWS CloudTrail to cover the majority of the extensive AWS service portfolio. This now includes most compute and networking and all deployment and management services, thereby providing comprehensive end to end auditing of almost any changes to customer’s infrastructure.

BT