The AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource data points. More in this Twitter thread 馃憞.
before I dive in here, did you know that @awscloud Audit Manager exists?
probably not. tl:dr > it helps map your usage to various regulations & standards to give you a better idea of your risk & compliance posture
some thoughts & a blog post analysis 馃憞
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 2/8 馃憞 Next tweet 馃憜 Start
@awscloud this 馃憞 is the workflow for @awscloud Audit Manager. it's not bad for the basics
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 3/8 馃憞 Next tweet 馃憜 Start
@awscloud what started me down this path was this post on the @awssecurityinfo blog, "Streamlining evidence collection with AWS Audit Manager"
https://aws.amazon.com/blogs/security/streamlining-evidence-collection-with-aws-audit-manager/
anything that helps smooth out the evidence gathering process is usually a big win, let's dig in
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 4/8 馃憞 Next tweet 馃憜 Start
@awscloud @AWSSecurityInfo right out of the gate, AWS Audit Manager pulls from @awscloud Security Hub, AWS Config, and AWS CloudTrail. so those data sources are already covered
this post shows how an approach to streamlining your custom metrics/data points
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 5/8 馃憞 Next tweet 馃憜 Start
@awscloud @AWSSecurityInfo the idea is pretty simple
you setup an HTTPS endpoint via @awscloud API Gateway. that endpoint triggers a Lambda which then stores the evidence in S3 while also triggering a Step Function to process the evidence
it's simple, #serverless, and low cost
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 6/8 馃憞 Next tweet 馃憜 Start
@awscloud @AWSSecurityInfo the trick now is using this evidence storage method
@awscloud Audit Manager associated evidence to a Control within an Assessments
you need to know where this evidence belongs, in order to use this solution
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 7/8 馃憞 Next tweet 馃憜 Start
@awscloud @AWSSecurityInfo more from the docs at https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html
and
https://docs.aws.amazon.com/audit-manager/latest/userguide/how-evidence-is-collected.html
馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
Tweet 8/8 馃憞 Next tweet 馃憜 Start
@awscloud @AWSSecurityInfo it's not too complicated to figure this out but it's going to be the top hurdle in getting buy-in from other teams
streamlining the evidence/control/assessment alignment process would be a huge win & make this solution a lot more useful
/馃У #cloud #security
@marknca tweeted at 10-Mar-2022, 13:52
