Quick Start Security for AWS Security Group
Thank you!
We got your information.
Coralogix Extension For AWS Security Group Includes:
Alerts - 4
Stay on top of AWS Security Group key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.
Egress rule was added
This rule detects the addition of the specified egress rule to a security group. Impact Egress rules prevent unauthorized access by internal resources to possibly dangerous endpoints. The addition of an egress rule should be verified to be a legitimate and authorized action. Mitigation Review the added Egress rule and validate if the action was authorized, investigate further if not. MITRE Tactic: TA0003 MITRE Technique: T1078
Ingress Rule Was Added
'Summary This rule detects the addition of the specified ingress rule to a security group. Impact Ingress rules permits instances to receive traffic from specific CIDR ranges. The addition of an ingress rule should be verified to be a legitimate and authorized action. Mitigation Review the added Ingress rule and validate if the action was authorized, investigate further if not. MITRE Tactic: TA0003 MITRE Technique: T1078'
Ingress rule was revoked
This rule detects the removal of the specified ingress rule from a security group. Impact Ingress rules permits instances to receive traffic from specific CIDR ranges. The deletion of an ingress rule should be verified to be a legitimate and authorized action. Mitigation Review the revoked ingress rule and validate if the action was authorized, investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1531
Egress rule was revoked
This rule detects the removal of the specific egress rule from a security group. Impact Egress rules prevent unauthorized access by internal resources to possibly dangerous endpoints. The deletion of an Egress rule should be verified to be a legitimate and authorized action. Mitigation Review the revoked Egress rule and validate if the action was authorized, Investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1531
Integration
Learn more about Coralogix's out-of-the-box integration with AWS Security Group in our documentation.