GCP Logging Not Enabled
Description
Detects Google Cloud Storage buckets that do not have audit logging enabled. Cloud Storage audit logging is critical for security monitoring, incident investigation, and maintaining compliance by tracking who accesses bucket data and what changes are made.
Detection Strategy
• Enumerates all Cloud Storage buckets in the GCP project
• For each bucket, checks if the logging configuration is present
• Reports a vulnerability if a bucket's logging configuration is not set (logging_lock_bucket is None)
• Identifies the specific bucket using its path and project ID in the vulnerability report
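The steps above as a stand-alone check. This is an added example, not Fluid Attacks' scanner code. It assumes bucket metadata shaped like the Cloud Storage JSON API bucket resource, with the logging settings under `logging.logBucket`; the function name, the `gs://` path format, the project ID and the sample buckets are constructed for illustration.

```python
from __future__ import annotations

from typing import Iterable


def find_buckets_without_logging(project_id: str, buckets: Iterable[dict]) -> list[dict]:
    """Return one finding per bucket whose logging configuration is not set."""
    findings = []
    for bucket in buckets:
        # The logging block may be missing, null, or present but empty.
        logging_cfg = bucket.get("logging") or {}
        # A blank target bucket delivers no logs, so treat it as unset too.
        log_bucket = (logging_cfg.get("logBucket") or "").strip()
        if log_bucket:
            continue
        findings.append(
            {
                "project_id": project_id,
                "path": f"gs://{bucket['name']}",  # assumed path format
                "reason": "bucket logging configuration is not set",
            }
        )
    return findings


# Constructed sample metadata (not real buckets), in the assumed
# JSON API shape: {"name": ..., "logging": {"logBucket": ..., ...}}.
SAMPLE_BUCKETS = [
    {"name": "app-uploads",
     "logging": {"logBucket": "central-logs", "logObjectPrefix": "app-uploads"}},
    {"name": "public-assets"},                              # no logging block
    {"name": "db-backups", "logging": {}},                  # empty block
    {"name": "legacy-exports", "logging": {"logBucket": ""}},  # blank target
    {"name": "scratch", "logging": None},                   # explicit null
]

if __name__ == "__main__":
    for finding in find_buckets_without_logging("example-project", SAMPLE_BUCKETS):
        print(f"{finding['project_id']}  {finding['path']}  {finding['reason']}")
```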