
Automating Audit Evidence Collection Natively in AWS

AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource data points. More in this Twitter thread.

Tweet 1/8

before I dive in here, did you know that @awscloud Audit Manager exists?

probably not. tl;dr > it helps map your usage to various regulations & standards to give you a better idea of your risk & compliance posture

some thoughts & a blog post analysis

#cloud #security

Tweet 2/8

@awscloud this is the workflow for @awscloud Audit Manager. it’s not bad for the basics

#cloud #security

Tweet 3/8

@awscloud what started me down this path was this post on the @awssecurityinfo blog, “Streamlining evidence collection with AWS Audit Manager”

anything that helps smooth out the evidence gathering process is usually a big win, let’s dig in

#cloud #security

Tweet 4/8

@awscloud @AWSSecurityInfo right out of the gate, AWS Audit Manager pulls from @awscloud Security Hub, AWS Config, and AWS CloudTrail. so those data sources are already covered

this post shows an approach to streamlining your custom metrics/data points

#cloud #security

Tweet 5/8

@awscloud @AWSSecurityInfo the idea is pretty simple

you set up an HTTPS endpoint via @awscloud API Gateway. that endpoint triggers a Lambda which then stores the evidence in S3 while also triggering a Step Function to process the evidence

it’s simple, #serverless, and low cost

#cloud #security

Tweet 6/8

@awscloud @AWSSecurityInfo the trick now is using this evidence storage method

@awscloud Audit Manager associates evidence to a Control within an Assessment

you need to know where this evidence belongs, in order to use this solution

#cloud #security

Tweet 7/8

Tweet 8/8

@awscloud @AWSSecurityInfo it’s not too complicated to figure this out but it’s going to be the top hurdle in getting buy-in from other teams

streamlining the evidence/control/assessment alignment process would be a huge win & make this solution a lot more useful

/ #cloud #security
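The flow from tweets 5 and 6, as an added example that is not code from the thread or from the AWS blog post: the validation a Lambda behind the API Gateway endpoint could run before storing evidence in S3, rejecting any submission that does not say which assessment and control it belongs to. The request field names, the S3 key layout and the bucket name are assumptions; the returned `import_request` uses the parameter names of Audit Manager's `BatchImportEvidenceToAssessmentControl` call.

```python
import hashlib
import json
import re

# assessmentId and controlId are UUIDs in Audit Manager; controlSetId is a free-form string.
UUID_RE = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.IGNORECASE)
REQUIRED = ("assessmentId", "controlSetId", "controlId", "evidence")

# Constructed sample submission; the field names are assumptions for this example.
SAMPLE_BODY = json.dumps({
    "assessmentId": "11111111-2222-3333-4444-555555555555",
    "controlSetId": "Example control set",
    "controlId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "evidence": {"source": "on-prem-backup", "lastRun": "2021-06-01", "status": "ok"},
})


def plan_evidence_import(raw_body, bucket):
    """Validate one submission; return the S3 write and Audit Manager import it implies."""
    try:
        body = json.loads(raw_body)
    except json.JSONDecodeError as exc:
        raise ValueError("body is not valid JSON") from exc
    if not isinstance(body, dict):
        raise ValueError("body must be a JSON object")
    missing = [f for f in REQUIRED if not body.get(f)]
    if missing:
        # Evidence with no assessment/control target cannot be attached to anything.
        raise ValueError("missing fields: " + ", ".join(missing))
    for field in ("assessmentId", "controlId"):
        # The strict UUID check also keeps path characters out of the S3 key.
        if not isinstance(body[field], str) or not UUID_RE.fullmatch(body[field]):
            raise ValueError(field + " is not a UUID")
    if not isinstance(body["controlSetId"], str):
        raise ValueError("controlSetId must be a string")
    # Canonical JSON, so identical evidence always hashes to the same object key.
    blob = json.dumps(body["evidence"], sort_keys=True, separators=(",", ":")).encode()
    digest = hashlib.sha256(blob).hexdigest()
    key = "evidence/{}/{}/{}.json".format(body["assessmentId"], body["controlId"], digest)
    target = {k: body[k] for k in ("assessmentId", "controlSetId", "controlId")}
    return {
        "s3_put": {"Bucket": bucket, "Key": key, "Body": blob},
        # Keyword arguments for boto3's auditmanager batch_import_evidence_to_assessment_control.
        "import_request": dict(target, manualEvidence=[
            {"s3ResourcePath": "s3://{}/{}".format(bucket, key)}]),
    }


if __name__ == "__main__":
    plan = plan_evidence_import(SAMPLE_BODY, "example-evidence-bucket")
    print(plan["import_request"])
```

Because the object key contains the SHA-256 of the stored bytes, an auditor can later confirm that the evidence attached to a control is the evidence that was submitted.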