
Automating Audit Evidence Collection Natively in AWS

The AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource data points. More in this Twitter thread 👇.

Tweet 1/8

before I dive in here, did you know that @awscloud Audit Manager exists?

probably not. tl;dr > it helps map your usage to various regulations & standards to give you a better idea of your risk & compliance posture

some thoughts & a blog post analysis 👇

🧵 #cloud #security

Tweet 2/8

@awscloud this 👇 is the workflow for @awscloud Audit Manager. it's not bad for the basics

🧵 #cloud #security

Tweet 3/8

@awscloud what started me down this path was this post on the @awssecurityinfo blog, "Streamlining evidence collection with AWS Audit Manager"

https://aws.amazon.com/blogs/security/streamlining-evidence-collection-with-aws-audit-manager/

anything that helps smooth out the evidence gathering process is usually a big win, let's dig in

🧵 #cloud #security

Tweet 4/8

@awscloud @AWSSecurityInfo right out of the gate, AWS Audit Manager pulls from @awscloud Security Hub, AWS Config, and AWS CloudTrail. so those data sources are already covered

this post shows an approach to streamlining your custom metrics/data points

🧵 #cloud #security

Tweet 5/8

@awscloud @AWSSecurityInfo the idea is pretty simple

you set up an HTTPS endpoint via @awscloud API Gateway. that endpoint triggers a Lambda which then stores the evidence in S3 while also triggering a Step Function to process the evidence

it's simple, #serverless, and low cost

🧵 #cloud #security

Tweet 6/8

@awscloud @AWSSecurityInfo the trick now is using this evidence storage method

@awscloud Audit Manager associates evidence with a Control within an Assessment

you need to know where this evidence belongs, in order to use this solution

🧵 #cloud #security

Tweet 7/8

Tweet 8/8

@awscloud @AWSSecurityInfo it's not too complicated to figure this out but it's going to be the top hurdle in getting buy-in from other teams

streamlining the evidence/control/assessment alignment process would be a huge win & make this solution a lot more useful

/🧵 #cloud #security
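
The flow from tweets 5 and 6, sketched as a Lambda-style handler. This is an added example, not code from the thread or from the AWS blog post. The payload field names, the S3 key layout and the `Recorder` stand-in are assumptions; `s3` and `sfn` are expected to be boto3 clients.

```python
import base64
import hashlib
import json

# Hypothetical payload fields (assumption, not taken from the AWS post).
REQUIRED = ("assessmentId", "controlSetId", "controlId", "fileName", "content")


def handle_evidence(event, s3, sfn, bucket, state_machine_arn):
    """API Gateway proxy event -> evidence object in S3 -> Step Functions run."""
    try:
        body = json.loads(event.get("body") or "")
    except json.JSONDecodeError:
        body = None
    if not isinstance(body, dict):
        return {"statusCode": 400, "body": "body must be a JSON object"}
    missing = [f for f in REQUIRED if not isinstance(body.get(f), str) or not body[f]]
    if missing:
        # Evidence without an assessment/control mapping cannot be attached later.
        return {"statusCode": 400, "body": "missing: " + ", ".join(missing)}
    if any("/" in body[f] or ".." in body[f] for f in REQUIRED[:4]):
        return {"statusCode": 400, "body": "invalid characters in identifier"}
    try:
        data = base64.b64decode(body["content"], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return {"statusCode": 400, "body": "content must be base64"}
    digest = hashlib.sha256(data).hexdigest()
    key = f"evidence/{body['assessmentId']}/{body['controlId']}/{digest[:16]}-{body['fileName']}"
    s3.put_object(Bucket=bucket, Key=key, Body=data)
    # The state machine gets everything needed to attach the object to its
    # control, e.g. via Audit Manager's BatchImportEvidenceToAssessmentControl.
    task = {k: body[k] for k in REQUIRED[:3]}
    task.update(s3ResourcePath=f"s3://{bucket}/{key}", sha256=digest)
    sfn.start_execution(stateMachineArn=state_machine_arn, input=json.dumps(task))
    return {"statusCode": 202, "body": json.dumps(task)}


class Recorder:
    """Constructed stand-in for a boto3 client; records calls for offline runs."""

    def __init__(self):
        self.calls = []

    def __getattr__(self, name):
        return lambda **kw: self.calls.append((name, kw))
```

Rejecting submissions that lack the assessment, control set and control identifiers at the endpoint keeps unmapped evidence out of the bucket, and the SHA-256 recorded with each task lets a reviewer confirm the stored object is the one that was submitted.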