Aws Flow Logs Disabled
Description
Detects AWS Global Accelerators that have flow logs disabled, which reduces network traffic visibility and monitoring capabilities. Flow logs are important for security analysis, troubleshooting, and compliance auditing as they capture information about the IP traffic going to and from network interfaces in your accelerator.
Detection Strategy
• Scans all Global Accelerators in the AWS account
• Checks the FlowLogsEnabled attribute for each accelerator
• Reports a vulnerability when an accelerator has FlowLogsEnabled set to false or missing
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.