Atlassian uses cookies to improve your browsing experience, perform analytics and research, and conduct advertising. Accept all cookies to indicate that you agree to our use of cookies on your device. Atlassian cookies and tracking notice, (opens new window)

CUIT CyberSecurity

All content

How-to articles
How-to articles
This trigger is hidden

Results will update as you type.

Security Info

You‘re viewing this with anonymous access, so some content might be blocked.

/

AWS Security Alerts

Updated Oct 22, 2020

AWS Security Alerts

Oct 22, 2020

Welcome to the CUIT Cybersecurity AWS

type in the name of your alert

Critical

AWS API Key Compromised
Missing Account Owner Information
Network ACLs - All Allowed Ingress/Egress, Any
Public Buckets
User Activity from Blacklisted Countries and Known Bad IP Addresses

High

AWS Region Outside the US
CloudTrail Started/Stopped
Console Brute Force Detected
Disabled or Scheduled Deletion of CMK
Geographic Improbable Login
High Volume of Lambda Activity Detected
Login Bypassing SAML
Malicious Activity Detected - Threat Intel
Root Account Activity
Security Group Changes
Security Hub Changes
Short Lived Accounts
User Without MFA
Web App Attack Detected Malicious UserAgent

Low

Gateway Changes
IAM Policy Changes
Route Table Changes
S3 Bucket Changes
Security Group Change
Unusual Instance Specifications and Types
VPC Changes

Medium

AWS Config Rule Change
Foreign Domain Name Registered
High Volume/Denied API Activity
Lambda Errors
Mass Creation/Deletion of Instances

, multiple selections available, Use left or right arrow keys to navigate selected items

{"serverDuration": 8, "requestCorrelationId": "967add48e8cd4b989f15fbefcab5be76"}