
Quick Start Security for Amazon Kinesis


Coralogix Extension For Amazon Kinesis Includes:

Alerts - 5

Stay on top of Amazon Kinesis key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Record access detected from a new user

This alert indicates the retrieval of a record by a new user that hasn't been observed within the last month.

Impact: This alert indicates the retrieval of initial records from an Amazon Kinesis stream by a new user. While this activity can be a normal part of stream usage, it could also be malicious if the user is attempting to gain unauthorized access to sensitive data or if it's part of a reconnaissance phase before launching more advanced attacks.

Mitigation: Review the user's access privileges, confirm if the retrieval was intentional or unauthorized, and take necessary action to enforce least privilege access if needed.

MITRE Tactic: TA0003
MITRE Technique: T1081

Stream deletion detected

This alert detects the deletion of a stream within Amazon Kinesis.

Impact: This alert indicates the deletion of an Amazon Kinesis stream, which can lead to the loss of valuable data, disruption of data processing workflows, and potential impact on downstream applications that rely on the stream's data.

Mitigation: Monitor stream deletion activities, enforce access controls, and regularly review and audit stream changes to prevent unauthorized deletions within Amazon Kinesis.

MITRE Tactic: TA0040
MITRE Technique: T1485

Stream encryption stopped

This alert detects the stopping of encryption for a stream within Amazon Kinesis.

Impact: This alert signifies the termination of encryption for an Amazon Kinesis stream, potentially resulting in data exposure, unauthorized access, and compromised data security measures.

Mitigation: Validate that the action was approved; investigate further if not.

MITRE Tactic: TA0040
MITRE Technique: T1485

Excessive stream deletion detected

This alert triggers when a single user attempts more than 10 stream deletions within a 5-minute interval.

Impact: This alert indicates excessive stream deletions, which could suggest potential unauthorized activities, misconfigurations, or security risks within the Amazon Kinesis environment.

Mitigation: Investigate the reason for the high volume of stream deletions, ensure proper access controls and permissions are in place, and promptly address any unauthorized activities or misconfigurations.

MITRE Tactic: TA0040
MITRE Technique: T1485

Excessive stream creation detected

This alert triggers when a single user attempts more than 10 stream creations within a 5-minute interval.

Impact: This alert indicates excessive stream creations, which may suggest misconfigurations, operational issues, or potential security risks within the AWS Systems Manager environment.

Mitigation: Validate that the action was approved; investigate further if not.

MITRE Tactic: TA0007
MITRE Technique: T1082
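The two "excessive" alerts above share one threshold rule: more than 10 attempts by a single user within 5 minutes. The following is an added example, not Coralogix's own rule definition, showing one way to evaluate that rule as a sliding window. It assumes the input is CloudTrail records for Kinesis (fields `eventSource`, `eventName`, `eventTime`, `userIdentity.arn`, `errorCode`); the sample events and the account ID are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)               # interval from the alert description
THRESHOLD = 10                              # alert fires on MORE than 10 attempts
WATCHED = {"DeleteStream", "CreateStream"}  # Kinesis API actions to count
FMT = "%Y-%m-%dT%H:%M:%SZ"                  # CloudTrail eventTime format (UTC)

def detect_bursts(events):
    """Return (user, action, eventTime) each time a user's attempts of one
    action inside a sliding WINDOW cross THRESHOLD."""
    recent = defaultdict(deque)             # (user, action) -> times in window
    alerts = []
    for ev in sorted(events, key=lambda e: datetime.strptime(e["eventTime"], FMT)):
        if ev.get("eventSource") != "kinesis.amazonaws.com":
            continue
        action = ev.get("eventName")
        if action not in WATCHED:
            continue
        # Denied calls (errorCode present) still count: the rule is on attempts.
        user = ev.get("userIdentity", {}).get("arn", "unknown")
        now = datetime.strptime(ev["eventTime"], FMT)
        q = recent[(user, action)]
        q.append(now)
        while now - q[0] >= WINDOW:         # expire attempts outside the window
            q.popleft()
        if len(q) == THRESHOLD + 1:         # fire on crossing, not on every event
            alerts.append((user, action, ev["eventTime"]))
    return alerts

def sample_events():
    # Constructed sample data, not real CloudTrail output.
    def ev(user, action, second, error=None):
        e = {"eventSource": "kinesis.amazonaws.com", "eventName": action,
             "eventTime": (datetime(2024, 1, 1, 12)
                           + timedelta(seconds=second)).strftime(FMT),
             "userIdentity": {"arn": f"arn:aws:iam::111122223333:user/{user}"}}
        if error:
            e["errorCode"] = error
        return e
    # alice: 11 deletions in 200 s, half of them denied -> should alert
    noisy = [ev("alice", "DeleteStream", 20 * i,
                "AccessDenied" if i % 2 else None) for i in range(11)]
    # bob: 11 deletions spread over 10 minutes -> never 11 in one window
    slow = [ev("bob", "DeleteStream", 60 * i) for i in range(11)]
    return noisy + slow

if __name__ == "__main__":
    print(detect_bursts(sample_events()))
```

Counting denied calls matters here: a principal without delete permission that still issues a burst of `DeleteStream` calls is exactly the behavior the alert text calls "attempts".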

Integration

Learn more about Coralogix's out-of-the-box integration with Amazon Kinesis in our documentation.
