Security Command Center Security Command Center provides centralized visibility into the security posture and status of the GCP environment. According to GCP’s documentation, “Security Command Center ingests data about new, modified, and deleted assets from Cloud Asset Inventory, which continuously monitors assets in your cloud environment. Security Command Center supports a large subset of Google […]
Category: Overly permissive access
Preparing for more advanced auditing – Tips and Techniques for Advanced Auditing
Preparing for more advanced auditing So far we have been leveraging native graphical user interface (GUI) tools to perform audits. To prepare for more advanced auditing, the IT auditor should familiarize themselves with the command-line interface (CLI). A GUI permits users to interact with the cloud platform using graphical features such as icons, windows, and […]
Basic cloud auditing tools within AWS – Tools for Monitoring and Assessing
Basic cloud auditing tools within AWS In the sections that follow, as a prerequisite, you may require a minimum level of view or read access to obtain the test evidence independently. Depending upon your specific organization’s configuration and any additional customizations, you may require additional access rights or group memberships to directly access specific content, […]
Amazon Inspector – Tools for Monitoring and Assessing
Amazon Inspector Another tool an IT auditor can leverage in AWS is Amazon Inspector. Amazon Inspector is an automated vulnerability management service that continually scans AWS resources for software vulnerabilities and inadvertent network exposure. Amazon Inspector collects events from various vulnerability intelligence sources, including Common Vulnerabilities and Exposures (CVE), the National Vulnerability Database (NVD), and […]
Azure Network Watcher – Tools for Monitoring and Assessing
Azure Network Watcher Another tool an IT auditor can leverage is Azure Network Watcher. Azure Network Watcher is designed to monitor and repair the network health of infrastructure as a service (IaaS ) products, which include virtual machines, virtual networks, application gateways, load balancers, and so on. To launch Azure Network Watcher, you can easily […]
Network Intelligence Center – Tools for Monitoring and Assessing
Network Intelligence Center Another tool an IT auditor can leverage for visibility in GCP is Network Intelligence Center. As per Google’s documentation, “Network Intelligence Center provides a single console for Google Cloud network observability, monitoring, and troubleshooting.” Network Intelligence Center has five modules: Firewall Insights and Network Analyzer provide very valuable information for an IT […]
Preparing to assess cloud IAM controls – Walk-Through – Assessing IAM Controls
Preparing to assess cloud IAM controls As we covered in Chapter 2, Effective Techniques for Preparing to Audit Cloud Environments, developing a good audit plan requires a thorough understanding of how the enterprise environment is architected and connected. When it comes to IAM controls, knowing that the cloud environment is federated with another identity store […]
Assessing privileged access controls – Walk-Through – Assessing IAM Controls
Assessing privileged access controls As an auditor, it’s important to understand who has been granted privileged access within an environment. Knowing who has been granted privileged access and whether that level of access is appropriate given the individual’s job responsibilities is often a foundational step before assessing other IT general computing controls. AWS IAM One […]