Tag: AWS CloudTrail

AWS customers use AWS CloudTrail Lake to aggregate and analyze their AWS activity for security, operational troubleshooting, and compliance purposes. However, when investigating security incidents or conducting compliance audits, customers often need additional business context beyond the basic event details – like which team or project owns the affected resources, or what where the properties […]

We are incredibly excited to see you at AWS re:Inforce, in Philadelphia, Pennsylvania, on June 16-18, 2025. This year’s Governance, Risk, and Compliance track features sessions on automating compliance, enhancing risk visibility, using generative AI for business growth, and maintaining security at scale, including 5 breakout sessions, 8 builder sessions, 7 chalk talks, 2 code […]

Today, we are excited to announce AWS CloudTrail network activity for VPC endpoints, a new event type that captures actions transmitted through a Virtual Private Cloud Endpoint. In this preview, this new event type captures network activity events from VPC endpoints for Amazon Elastic Compute Cloud (EC2), AWS Key Management Service (KMS), Amazon S3, and […]

Organizations frequently use third-party monitoring tools to retrieve CloudWatch metric data for their dashboards and alerting systems. This practice often leads to significant GetMetricData API usage and results in high CloudWatch costs. A common challenge for cost optimization teams is identifying which specific resources or applications are driving these increased expenses, especially when they’re not […]

Introduction In the ever-evolving world of cloud computing, maintaining robust security and compliance is paramount. As usage of multicloud environments grows, the need for comprehensive monitoring and logging solutions becomes more critical. Enter the synergy of Azure Audit Logs and AWS CloudTrail Lake—a powerful combination that provides comprehensive visibility across your cloud environments. Azure Audit […]

AWS CloudTrail Lake introduces powerful new features to help you analyze and investigate your AWS activity logs more efficiently. New capabilities include enhanced event filtering, AI-powered natural language querying, AI-powered query result summarization, cross-account sharing of event data stores, and comprehensive dashboard capabilities. These enhancements enable deeper insights and faster investigations while providing greater control over data ingestion costs and analysis, making it easier than ever to monitor and secure your AWS environments.

Introduction AWS Organizations provides the capability to centrally manage and govern your AWS environment. As an organization, you can delegate administration of specific AWS services integrated with AWS Organizations to authorized individuals or teams. Implementing effective controls for these delegated administrators is essential to ensuring the security, compliance, and operational efficiency of your AWS environment. […]

This blog post will guide you through a quick start on using Amazon Q Developer for operational investigations on AWS. We’ll walk you through the step-by-step process of setting up this powerful AI-assisted troubleshooting tool . You’ll discover how to configure user permissions, manage data access, set up encryption, and start your first investigation. We […]

While protection of data is critical, equally important is observing who accesses it.  AWS services allow you to control your data by determining where it’s stored, who has access, and how it’s secured. AWS CloudTrail provides an effective way to track data access activities.  You can detect access attempts, and identify potential unauthorized attempts. CloudTrail, […]

Detecting security risks and investigating the corresponding findings is essential for protecting your AWS environment from potential threats, ensuring the confidentiality, integrity, and availability of your data and resources for your business needs. As shown in Image 1, effective incident response follows a systematic approach of identifying, detecting, investigating, prioritizing, and resolving security findings. By analyzing […]