Vulnerability Details
Severity: Medium
Category: Cloud
Description
Cloud infrastructure lacks comprehensive logging and monitoring, with services like CloudTrail, VPC Flow Logs, or equivalent not enabled across all regions and accounts.
Risks
Security incidents may go undetected. Without proper logging, forensic investigation becomes impossible, and compliance requirements may not be met. Attackers can operate unnoticed for extended periods.
Remediation
Enable cloud audit logging (CloudTrail, Cloud Audit Logs) across all regions and accounts. Enable VPC flow logs. Centralize logs in a SIEM. Implement alerting for suspicious activities. Protect log storage from tampering.
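Added example (not part of the original finding): a Python check for the AWS case that flags gaps in trail coverage, log file validation and VPC flow logs. It assumes input shaped like the JSON returned by `aws cloudtrail describe-trails`, `aws cloudtrail get-trail-status`, `aws ec2 describe-vpcs` and `aws ec2 describe-flow-logs`; all sample names and IDs are constructed, and only VPC-level flow logs are counted.

```python
# Constructed sample data, shaped like AWS CLI JSON output (not real resources).
TRAILS = [  # "trailList" from: aws cloudtrail describe-trails
    {"Name": "org-trail", "IsMultiRegionTrail": True, "LogFileValidationEnabled": True},
    {"Name": "legacy-us-east-1", "IsMultiRegionTrail": False, "LogFileValidationEnabled": False},
]
# One get-trail-status result per trail name.
STATUS = {"org-trail": {"IsLogging": False}, "legacy-us-east-1": {"IsLogging": True}}
# describe-vpcs and describe-flow-logs results, collected per region.
VPCS = {"us-east-1": ["vpc-0aaa", "vpc-0bbb"], "eu-west-1": ["vpc-0ccc"]}
FLOW_LOGS = {"us-east-1": [{"ResourceId": "vpc-0aaa", "FlowLogStatus": "ACTIVE"}],
             "eu-west-1": []}


def audit_trails(trails, status):
    """Return findings for trails that leave regions or log integrity uncovered."""
    findings = []
    logging_on = lambda t: status.get(t["Name"], {}).get("IsLogging", False)
    # A multi-region trail only counts if it is actually delivering events.
    if not any(t.get("IsMultiRegionTrail") and logging_on(t) for t in trails):
        findings.append("no multi-region trail is actively logging")
    for t in trails:
        if not logging_on(t):
            findings.append(f"{t['Name']}: logging is stopped")
        if not t.get("IsMultiRegionTrail"):
            findings.append(f"{t['Name']}: single-region trail")
        if not t.get("LogFileValidationEnabled"):  # tamper evidence for delivered logs
            findings.append(f"{t['Name']}: log file validation disabled")
    return findings


def audit_flow_logs(vpcs, flow_logs):
    """Return one finding per VPC with no ACTIVE flow log attached at VPC level."""
    findings = []
    for region, vpc_ids in sorted(vpcs.items()):
        covered = {f["ResourceId"] for f in flow_logs.get(region, [])
                   if f.get("FlowLogStatus") == "ACTIVE"}
        findings += [f"{region}/{v}: no active VPC flow log"
                     for v in vpc_ids if v not in covered]
    return findings


if __name__ == "__main__":
    for finding in audit_trails(TRAILS, STATUS) + audit_flow_logs(VPCS, FLOW_LOGS):
        print("FINDING", finding)
```

Run the same checks per account when trails are not organization-wide, since a clean result in one account says nothing about the others.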