Preparing for more advanced auditing So far we have been leveraging native graphical user interface (GUI) tools to perform audits. To prepare for more advanced auditing, the IT auditor should familiarize themselves with the command-line interface (CLI). A GUI permits users to interact with the cloud platform using graphical features such as icons, windows, and […]
Category: Google Cloud Platform Virtual Private Cloud
Other clouds – Tips and Techniques for Advanced Auditing
Other clouds Although the book focuses on the “big three” cloud providers, we recognize that there are other cloud infrastructure solutions and want to briefly highlight these and options for learning more outside of this book. Oracle Cloud Infrastructure Oracle Cloud Infrastructure or (OCI) has a unique attribute in the concept of compartments, which are […]
Amazon Inspector – Tools for Monitoring and Assessing
Amazon Inspector Another tool an IT auditor can leverage in AWS is Amazon Inspector. Amazon Inspector is an automated vulnerability management service that continually scans AWS resources for software vulnerabilities and inadvertent network exposure. Amazon Inspector collects events from various vulnerability intelligence sources, including Common Vulnerabilities and Exposures (CVE), the National Vulnerability Database (NVD), and […]
Network Intelligence Center – Tools for Monitoring and Assessing
Network Intelligence Center Another tool an IT auditor can leverage for visibility in GCP is Network Intelligence Center. As per Google’s documentation, “Network Intelligence Center provides a single console for Google Cloud network observability, monitoring, and troubleshooting.” Network Intelligence Center has five modules: Firewall Insights and Network Analyzer provide very valuable information for an IT […]
Preparing to assess cloud IAM controls – Walk-Through – Assessing IAM Controls
Preparing to assess cloud IAM controls As we covered in Chapter 2, Effective Techniques for Preparing to Audit Cloud Environments, developing a good audit plan requires a thorough understanding of how the enterprise environment is architected and connected. When it comes to IAM controls, knowing that the cloud environment is federated with another identity store […]
Assessing access assignment controls – Walk-Through – Assessing IAM Controls
Assessing access assignment controls Beyond establishing who can access an environment and what they can do, another important area to assess is who can configure or modify access assignments for identities. In some environments, the assignment of access may be a completely automated procedure through account life cycle workflows. However, even with this automation, it’s […]