Category: AWS CloudTrail

Introduction In the ever-evolving world of cloud computing, maintaining robust security and compliance is paramount. As usage of multicloud environments grows, the need for comprehensive monitoring and logging solutions becomes more critical. Enter the synergy of Azure Audit Logs and AWS CloudTrail Lake—a powerful combination that provides comprehensive visibility across your cloud environments. Azure Audit […]

AWS CloudTrail Lake introduces powerful new features to help you analyze and investigate your AWS activity logs more efficiently. New capabilities include enhanced event filtering, AI-powered natural language querying, AI-powered query result summarization, cross-account sharing of event data stores, and comprehensive dashboard capabilities. These enhancements enable deeper insights and faster investigations while providing greater control over data ingestion costs and analysis, making it easier than ever to monitor and secure your AWS environments.

This blog post will guide you through a quick start on using HAQM Q Developer for operational investigations on AWS. We’ll walk you through the step-by-step process of setting up this powerful AI-assisted troubleshooting tool . You’ll discover how to configure user permissions, manage data access, set up encryption, and start your first investigation. We […]

Today, we are excited to announce a significant enhancement to AWS Resource Explorer that delivers a unified view of centralized resource insights and properties from AWS services. With the enhanced Resource Explorer experience, relevant data and insights from multiple AWS services is centralized for supported resource types. Customers use keyword-based search to return a list […]

While protection of data is critical, equally important is observing who accesses it.  AWS services allow you to control your data by determining where it’s stored, who has access, and how it’s secured. AWS CloudTrail provides an effective way to track data access activities.  You can detect access attempts, and identify potential unauthorized attempts. CloudTrail, […]

In January 2023, AWS announced the support of ingestion for activity events from non-AWS sources using CloudTrail Lake. Making CloudTrail Lake a single location of immutable user and API activity events for auditing and security investigations. AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on […]

AWS CloudTrail Insights is a powerful feature within AWS CloudTrail that helps organizations identify and respond to unusual operational activity in their AWS accounts. This includes identifying spikes in resource provisioning, bursts of IAM actions, or gaps in periodic maintenance activity. CloudTrail Insights continuously analyzes CloudTrail management events from trails and event data stores, establishing […]

Customers in highly regulated industries, such as Financial Services or Healthcare and Life Sciences, often need to audit every action made in environments with sensitive data. Regulations like HIPAA or FFIEC, and industry frameworks like the PCI DSS, require granular log entries that record user and administrative actions within an environment containing sensitive data, and […]

Introduction When I take my car in for service for a simple oil change, the technician often reads off a litany of other services my car needs that I had put off since the previous service (and maybe the service before that, too). I tend to wait for the “check engine” light to come on […]

With the emergence of generative AI being incorporated into every aspect of how we utilize technology, a common question that customers are asking is how to properly audit generative AI services on AWS, such as HAQM Bedrock, HAQM Sagemaker, HAQM Q Developer, and HAQM Q Business. In this post, we will demonstrate common scenarios that […]