Security Cloud Privacy Tech
Automating Audit Evidence Collection Natively in AWS

Automating Audit Evidence Collection Natively in AWS

2 minute read | Last updated 10-Mar-2022 | An icon depicting a retail tag with a heart for 'favourite' AWSCloud

The AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource data points. More in this Twitter thread ๐Ÿ‘‡.

Tweet 1/8 ๐Ÿ‘‡ Next tweet

before I dive in here, did you know that @awscloud Audit Manager exists?

probably not. tl:dr > it helps map your usage to various regulations & standards to give you a better idea of your risk & compliance posture

some thoughts & a blog post analysis ๐Ÿ‘‡

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 2/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud this ๐Ÿ‘‡ is the workflow for @awscloud Audit Manager. it's not bad for the basics

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 3/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud what started me down this path was this post on the @awssecurityinfo blog, "Streamlining evidence collection with AWS Audit Manager"

https://aws.amazon.com/blogs/security/streamlining-evidence-collection-with-aws-audit-manager/

anything that helps smooth out the evidence gathering process is usually a big win, let’s dig in

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 4/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud @AWSSecurityInfo right out of the gate, AWS Audit Manager pulls from @awscloud Security Hub, AWS Config, and AWS CloudTrail. so those data sources are already covered

this post shows how an approach to streamlining your custom metrics/data points

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 5/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud @AWSSecurityInfo the idea is pretty simple

you setup an HTTPS endpoint via @awscloud API Gateway. that endpoint triggers a Lambda which then stores the evidence in S3 while also triggering a Step Function to process the evidence

it’s simple, #serverless, and low cost

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 6/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud @AWSSecurityInfo the trick now is using this evidence storage method

@awscloud Audit Manager associated evidence to a Control within an Assessments

you need to know where this evidence belongs, in order to use this solution

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 7/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud @AWSSecurityInfo more from the docs at https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html

and

https://docs.aws.amazon.com/audit-manager/latest/userguide/how-evidence-is-collected.html

๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

Tweet 8/8 ๐Ÿ‘‡ Next tweet ๐Ÿ‘† Start

@awscloud @AWSSecurityInfo it's not too complicated to figure this out but it's going to be the top hurdle in getting buy-in from other teams

streamlining the evidence/control/assessment alignment process would be a huge win & make this solution a lot more useful

/๐Ÿงต #cloud #security

marknca@marknca tweeted at 10-Mar-2022, 13:52

๐Ÿ‘† Start

More Content

Prev: Some Thoughts on AWS Well-Architected Custom Lenses

Next: Google Cleans Up Google Cloud Development

Back to top

Related Content