Zeus Cloud home pagelight logodark logo
  • Explore Demo
  • Explore Demo
Misconfigurations
CloudWatch
  • Documentation
  • GitHub
  • Demo
  • Community
  • Contact Us
  • Introduction
  • What is ZeusCloud?
  • Get Started
  • Rules
  • Alerts
  • Compliance
  • Customize
  • Rules Catalog
  • Overview
  • Misconfigurations

    • CloudTrail
    • CloudWatch
    • EC2
    • ElasticSearch
    • ELBv2
    • IAM
    • KMS
    • RDS
    • S3
    • Secrets Manager
    • Security Hub
    • SQS
    • VPC
  • Attack Paths
  • Contribute
  • Overview
  • Development Guide
  • Add a Security Rule
  • Add to Asset Inventory
  • Add a Compliance Framework
  • Community and Support
  • Troubleshooting
  • Community
Misconfigurations

CloudWatch

ZeusCloud provides the following security rules for AWS CloudWatch:

  • Log metric filter and alarm should exist for AWS Mangement Console authentication failures
  • Log metric filter and alarm should exist for S3 bucket policy changes
  • Log metric filter and alarm should exist for Cloudtrail configuration changes
  • Log metric filter and alarm should exist for disabling or scheduling deletion of KMS CMKs
  • Log metric filter and alarm should exist for AWS Config configuration changes
  • Log metric filter and alarm should exist for IAM policy changes
  • Log metric filter and alarm should exist for Network Access Control List (NACL) changes
  • Log metric filter and alarm should exist for network gateway changes
  • Log metric filter and alarm should exist for AWS Organization changes
  • Log metric filter and alarm should exist for usage of the root account
  • Log metric filter and alarm should exist for route table changes
  • Log metric filter and alarm should exist for security group changes
  • Log metric filter and alarm should exist for management console sign in without MFA
  • Log metric filter and alarm should exist for unauthorized API calls
  • Log metric filter and alarm should exist for VPC changes
CloudTrailEC2
twittergithublinkedin
Powered by Mintlify