Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for Amazon Cognito

Amazon Cognito
Amazon Cognito icon

Coralogix Extension For Amazon Cognito Includes:

Alerts - 7

Stay on top of Amazon Cognito key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

An identity pool deletion detected

This rule monitors for the deletion of an identity pool. Impact Deletion of an identity pool could lead to unintended data loss or to access denial for users, loss of authentication capabilities, and disruption to application functionality that relies on Amazon Cognito's identity pool. Mitigation Verify that the deletion was authorized and investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1485

An identity pool modification detected

This rule monitors the update of an identity pool. Impact This alert indicates potential modifications to an Amazon Cognito identity pool, which could have implications for user authentication, data security, and overall application behavior. These changes may result in user access problems and potential security vulnerabilities if not adequately monitored and managed. Mitigation Validate that the action was approved, investigate further if not. MITRE Tactic: TA0005 MITRE Technique: T1098

An user pool modification detected

This rule monitors the update of an user pool. Impact This alert signifies potential changes made to an Amazon Cognito user pool, which could impact user authentication, data security, and application behavior. It may lead to user access issues, and potential security vulnerabilities if not properly monitored and controlled. Mitigation Validate that the action was approved, investigate further if not. MITRE Tactic: TA0005 MITRE Technique: T1098

A group deletion detected

This rule monitors for the deletion of a group. Impact The deletion of a user group within Amazon Cognito can disrupt access management, cause loss of permissions and roles associated with the group, and potentially lead to issues in user authentication and authorization processes. Mitigation Verify that the deletion was authorized and investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1485

An user pool deletion detected

This rule monitors for the deletion of an user pool. Impact The deletion of a user pool in Amazon Cognito could potentially lead to the compromise of user accounts and sensitive user data, loss of access to critical application features, and disruption of user experiences, posing risks to data privacy and application security. Mitigation Verify that the deletion was authorized and investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1485

Excessive user pool creation detected

This alert triggers when a single user attempts more than 10 user pool creations within a 5-minute interval. Impact This alert could potentially indicate misconfigurations, operational issues, or security risks within the Amazon Cognito environment. Mitigation Validate that the action was approved, investigate further if not. MITRE Tactic: TA0007 MITRE Technique: T1082

Excessive group creation detected

This alert triggers when a single user attempts more than 10 group creations within a 5-minute interval. Impact This alert could potentially indicate misconfigurations, operational issues, or security risks within the Amazon Cognito environment. Mitigation Validate that the action was approved, investigate further if not. MITRE Tactic: TA0007 MITRE Technique: T1082

Integration

Learn more about Coralogix's out-of-the-box integration with Amazon Cognito in our documentation.

Read More
Schedule Demo