pshoxxx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Table 2: Security Detections | |
| | Detection | Source | Framework | | |
| |---|---|---| | |
| | ConsoleLoginWithoutMFA | CloudTrail | CIS AWS Foundations 3.2 | | |
| | RootAccountActivity | CloudTrail | CIS AWS Foundations 3.3 | | |
| | IAMPrivilegeEscalation | CloudTrail | NIST AC-6 | | |
| | UnauthorizedLogBucketAccess | CloudTrail | NIST AU-9 | | |
| | UnencryptedResourceCreation | CloudTrail | NIST SC-28 | | |
| | SecurityResourceTampering | CloudTrail | NIST SI-7 | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Table 1: AWS Account by Function | |
| | Account | Expected Name | Purpose | | |
| |---|---|---| | |
| | Management | (org root - not looked up by name) | Org governance, SCPs, Identity Center | | |
| | Security | security-environment | Centralized logging, GuardDuty, SIEM | | |
| | Networking | networking-environment | Centralized network hub | | |
| | Corporate | corporate-main-environment | Workload spoke, Domain Controller | | |
| | Web | web-environment | Simple public facing website | | |
| | Shared Services | shared-services-environment | Terraform remote state bucket | |