Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for AWS Security Group

AWS Security Group
AWS Security Group icon

Out-of-the-Box Security For AWS Security Group Includes:

Alerts - 4

Stay on top of AWS Security Group key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Egress rule was added

This rule detects the addition of the specified egress rule to a security group. Impact Egress rules prevent unauthorized access by internal resources to possibly dangerous endpoints. The addition of an egress rule should be verified to be a legitimate and authorized action. Mitigation Review the added Egress rule and validate if the action was authorized, investigate further if not. MITRE Tactic: TA0003 MITRE Technique: T1078

Ingress rule was added

This rule detects the addition of the specified ingress rule to a security group. Impact Ingress rules permits instances to receive traffic from specific CIDR ranges. The addition of an ingress rule should be verified to be a legitimate and authorized action. Mitigation Review the added Ingress rule and validate if the action was authorized, investigate further if not. MITRE Tactic: TA0003 MITRE Technique: T1078

Ingress rule was revoked

This rule detects the removal of the specified ingress rule from a security group. Impact Ingress rules permits instances to receive traffic from specific CIDR ranges. The deletion of an ingress rule should be verified to be a legitimate and authorized action. Mitigation Review the revoked ingress rule and validate if the action was authorized, investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1531

Egress rule was revoked

This rule detects the removal of the specific egress rule from a security group. Impact Egress rules prevent unauthorized access by internal resources to possibly dangerous endpoints. The deletion of an Egress rule should be verified to be a legitimate and authorized action. Mitigation Review the revoked Egress rule and validate if the action was authorized, Investigate further if not. MITRE Tactic: TA0040 MITRE Technique: T1531

Documentation

Learn more about Coralogix's out-of-the-box integration with AWS Security Group in our documentation.

Read More
Schedule Demo