AWS EBS default encryption disabled

cloudtrail

Classification:

compliance

Tactic:

TA0005-defense-evasion

Technique:

T1562-impair-defenses

Framework:

cis-aws

Control:

2.2.1

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Goal

Detect when an EBS encryption is disabled by default.

Strategy

Monitor CloudTrail and detect when EBS encryption is disabled by default via the following API call:

Triage and response

  1. Determine which user in your organization owns the API key that made this API call.
  2. Contact the user and let them know that it is best practice to enable EBS encryption by default.
  3. Re-enable EBS encryption by default.

For more information about Amazon EBS Encryption, check out the Amazon EBS Encryption documentation.

Changelog

  • 18 March 2022 - Rule query and severity updated.
  • 16 November 2022 - Rule query updated.
PREVIEWING: dgreen15/github-error-fix