Other clouds Although the book focuses on the “big three” cloud providers, we recognize that there are other cloud infrastructure solutions and want to briefly highlight these and options for learning more outside of this book. Oracle Cloud Infrastructure Oracle Cloud Infrastructure or (OCI) has a unique attribute in the concept of compartments, which are […]
Category: Security Command Center
Basic cloud auditing tools within AWS – Tools for Monitoring and Assessing
Basic cloud auditing tools within AWS In the sections that follow, as a prerequisite, you may require a minimum level of view or read access to obtain the test evidence independently. Depending upon your specific organization’s configuration and any additional customizations, you may require additional access rights or group memberships to directly access specific content, […]
Azure Network Watcher – Tools for Monitoring and Assessing
Azure Network Watcher Another tool an IT auditor can leverage is Azure Network Watcher. Azure Network Watcher is designed to monitor and repair the network health of infrastructure as a service (IaaS ) products, which include virtual machines, virtual networks, application gateways, load balancers, and so on. To launch Azure Network Watcher, you can easily […]
Network Intelligence Center – Tools for Monitoring and Assessing
Network Intelligence Center Another tool an IT auditor can leverage for visibility in GCP is Network Intelligence Center. As per Google’s documentation, “Network Intelligence Center provides a single console for Google Cloud network observability, monitoring, and troubleshooting.” Network Intelligence Center has five modules: Firewall Insights and Network Analyzer provide very valuable information for an IT […]
Preparing to assess cloud IAM controls – Walk-Through – Assessing IAM Controls
Preparing to assess cloud IAM controls As we covered in Chapter 2, Effective Techniques for Preparing to Audit Cloud Environments, developing a good audit plan requires a thorough understanding of how the enterprise environment is architected and connected. When it comes to IAM controls, knowing that the cloud environment is federated with another identity store […]
Assessing device controls – Walk-Through – Assessing IAM Controls
Assessing device controls In our last walk-through session for IAM controls, let’s look at assessing a common control related to devices – the configuration of multi-factor authentication (MFA). In our sample walk-through, we will validate whether MFA is being enforced for all users and their devices in our AWS and Microsoft Azure cloud environments. AWS […]