Fluid Attacks Database

Description

Identifies Amazon RDS database clusters that have CloudWatch logs export disabled. When CloudWatch logging is not enabled, there is no audit trail of database activity, making it difficult to monitor for security events, compliance violations, and performance issues.

Weakness:

400 - Traceability Loss - AWS

Category: Functionality Abuse

Detection Strategy

• Retrieves all RDS database clusters in the specified AWS region

• Examines the 'EnabledCloudwatchLogsExports' configuration for each cluster

• Reports a vulnerability if the EnabledCloudwatchLogsExports setting is empty or missing

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.