AWS Neptune Instance Logs Disabled
Description
Detects AWS Neptune database instances that have CloudWatch logging disabled. When CloudWatch logs are not enabled, there is no audit trail of database activities and potential security events, making it difficult to monitor, troubleshoot and investigate security incidents.
Detection Strategy
• Checks each Neptune database instance in the AWS account and region
• Reports a vulnerability if the EnabledCloudwatchLogsExports setting is empty or missing
• Treats both cases as vulnerabilities: the setting being completely absent, and the setting being explicitly set to an empty list
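The check described above can be reproduced as follows. This is an added example, not Fluid Attacks' own rule code; the function names and the sample instances are assumptions constructed for illustration, and the live scan assumes boto3 with valid AWS credentials.

```python
"""Flag Neptune instances whose EnabledCloudwatchLogsExports is missing or empty."""


def find_unlogged_instances(db_instances):
    """Return findings for Neptune instances with no CloudWatch log exports.

    `db_instances` is a list of dicts shaped like the DBInstances entries
    returned by the Neptune DescribeDBInstances API.
    """
    findings = []
    for inst in db_instances:
        # Neptune shares its management API with other database engines,
        # so keep only instances whose engine is "neptune".
        if inst.get("Engine") != "neptune":
            continue
        exports = inst.get("EnabledCloudwatchLogsExports")
        if not exports:  # covers a missing key, None, and []
            findings.append({
                "instance": inst.get("DBInstanceIdentifier", "<unknown>"),
                "reason": "setting absent" if exports is None else "empty list",
            })
    return findings


def scan_region(region):
    """Live scan of one region (needs boto3 and AWS credentials)."""
    import boto3  # imported lazily so the offline sample runs without it
    client = boto3.client("neptune", region_name=region)
    instances = []
    paginator = client.get_paginator("describe_db_instances")
    for page in paginator.paginate(
        Filters=[{"Name": "engine", "Values": ["neptune"]}]
    ):
        instances.extend(page["DBInstances"])
    return find_unlogged_instances(instances)


# Constructed sample data (not real resources).
SAMPLE = [
    {"DBInstanceIdentifier": "graph-audit-on", "Engine": "neptune",
     "EnabledCloudwatchLogsExports": ["audit"]},
    {"DBInstanceIdentifier": "graph-empty", "Engine": "neptune",
     "EnabledCloudwatchLogsExports": []},
    {"DBInstanceIdentifier": "graph-missing", "Engine": "neptune"},
    {"DBInstanceIdentifier": "orders-db", "Engine": "postgres"},
]

if __name__ == "__main__":
    for f in find_unlogged_instances(SAMPLE):
        print(f"{f['instance']}: CloudWatch logs disabled ({f['reason']})")
```

Run as a script, it reports the two constructed instances with no log exports; call `scan_region` with a region name to evaluate a real account.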