How to debug Security Hub checks failing in the CIS Reference Architecture? #135
A customer asked:
The Gruntwork CIS Reference Architecture implements a configuration that is compliant with the CIS AWS Foundations Benchmark. If you need to debug why a particular Security Hub check is failing for your CIS Reference Architecture, start by opening the official AWS whitepaper on the CIS Foundations Benchmark and looking for the section that maps to the failing check. For example, let's say your "Ensure a log metric filter and alarm exist for unauthorized API calls" Security Hub check is failing with CLOUDTRAIL_METRIC_FILTER_NOT_VALID. "Ensure a log metric filter and alarm exist for unauthorized API calls" is the relevant section in the whitepaper to review. Within that section is an Audit subhe…

Perform the steps outlined in the Audit and take note of the exact command or step that fails or can't be completed successfully. This provides clues as to which of the CIS service catalog modules might have an issue. Please provide this information as feedback to Gruntwork when opening tickets or sending inquiries to support, as it will greatly assist us in narrowing down the problem.

Additional resources
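The Audit steps the answer refers to (for CIS AWS Foundations Benchmark v1.2.0 control 3.1: find the logging multi-region trail's CloudWatch Logs group, confirm a metric filter with the benchmark's exact pattern, confirm an alarm with an action on that metric, confirm the SNS topic has a subscriber) are scripted below as an added example. This is not Gruntwork's, AWS's or Security Hub's code; it reports which step fails, which is the information the answer asks you to send to support. The function names are hypothetical, the dict shapes mirror the JSON the AWS CLI returns for describe-trails, get-trail-status, describe-metric-filters, describe-alarms and list-subscriptions-by-topic, and the sample responses are constructed by hand (one set with the v1.2.0 filter pattern, one with a near-miss pattern). The whitespace-insensitive pattern comparison is an assumption of this example; Security Hub may compare more strictly, so keep the benchmark's exact text in your configuration.

```python
"""Scripted CIS v1.2.0 Audit for "Ensure a log metric filter and alarm
exist for unauthorized API calls", run over constructed API responses.

Added example, not Gruntwork/AWS code. Dict shapes follow the AWS CLI JSON
for describe-trails, get-trail-status, describe-metric-filters,
describe-alarms and list-subscriptions-by-topic; samples are hand-made.
"""
import re

# Pattern the v1.2.0 benchmark expects for control 3.1. Later benchmark
# versions changed it, so use the pattern for the version you are audited against.
EXPECTED_PATTERN = (
    '{ ($.errorCode = "*UnauthorizedOperation") || ($.errorCode = "AccessDenied*") }'
)


def _normalize(pattern):
    # Assumption of this example: compare ignoring whitespace. Security Hub
    # may be stricter, so keep the benchmark's exact text in your config.
    return re.sub(r"\s+", "", pattern)


def audit_unauthorized_api_calls(trails, trail_status, metric_filters, alarms, subscriptions):
    """Walk the Audit steps in order; return (passed, detail).

    On failure, detail names the step and CLI command whose output did not
    match the benchmark, which is what to report when opening a ticket.
    """
    # Step 1: an active multi-region trail delivering to a CloudWatch Logs group.
    candidates = [
        t for t in trails
        if t.get("IsMultiRegionTrail") and t.get("CloudWatchLogsLogGroupArn")
        and trail_status.get(t["Name"], {}).get("IsLogging")
    ]
    if not candidates:
        return False, "step 1: `aws cloudtrail describe-trails` shows no logging multi-region trail with a CloudWatch Logs group"
    # Log group name is the 7th ARN field: arn:aws:logs:REGION:ACCOUNT:log-group:NAME:*
    log_group = candidates[0]["CloudWatchLogsLogGroupArn"].split(":")[6]

    # Step 2: a metric filter on that log group with the benchmark's pattern.
    filters = metric_filters.get(log_group, [])
    matching = [f for f in filters if _normalize(f["filterPattern"]) == _normalize(EXPECTED_PATTERN)]
    if not matching:
        return False, f"step 2: `aws logs describe-metric-filters --log-group-name {log_group}` has no filter with the expected pattern"
    metric_names = {m["metricName"] for f in matching for m in f["metricTransformations"]}

    # Step 3: an alarm on that metric with at least one alarm action.
    alarm = next((a for a in alarms if a["MetricName"] in metric_names and a.get("AlarmActions")), None)
    if alarm is None:
        return False, f"step 3: `aws cloudwatch describe-alarms` shows no alarm with an action on metric(s) {sorted(metric_names)}"

    # Step 4: at least one of the alarm's SNS topics has a subscriber.
    for topic_arn in alarm["AlarmActions"]:
        if subscriptions.get(topic_arn):
            return True, f"ok: filter -> alarm {alarm['AlarmName']} -> topic {topic_arn} has subscribers"
    return False, f"step 4: `aws sns list-subscriptions-by-topic` shows no subscriptions for {alarm['AlarmActions']}"


# Constructed sample responses (hypothetical names and account id).
TRAILS = [{"Name": "cis-trail", "IsMultiRegionTrail": True,
           "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:cloudtrail-logs:*"}]
TRAIL_STATUS = {"cis-trail": {"IsLogging": True}}
GOOD_FILTERS = {"cloudtrail-logs": [{
    "filterName": "UnauthorizedAPICalls", "filterPattern": EXPECTED_PATTERN,
    "metricTransformations": [{"metricName": "UnauthorizedAPICalls", "metricNamespace": "CISBenchmark"}]}]}
# A near-miss pattern: one possible reason a check reports CLOUDTRAIL_METRIC_FILTER_NOT_VALID.
BAD_FILTERS = {"cloudtrail-logs": [{
    "filterName": "UnauthorizedAPICalls", "filterPattern": '{ ($.errorCode = "AccessDenied*") }',
    "metricTransformations": [{"metricName": "UnauthorizedAPICalls", "metricNamespace": "CISBenchmark"}]}]}
ALARMS = [{"AlarmName": "UnauthorizedAPICalls", "MetricName": "UnauthorizedAPICalls",
           "AlarmActions": ["arn:aws:sns:us-east-1:123456789012:cis-alarms"]}]
SUBSCRIPTIONS = {"arn:aws:sns:us-east-1:123456789012:cis-alarms": [
    {"Protocol": "email", "Endpoint": "secops@example.com"}]}

if __name__ == "__main__":
    for label, filters in (("good", GOOD_FILTERS), ("bad", BAD_FILTERS)):
        print(label, audit_unauthorized_api_calls(TRAILS, TRAIL_STATUS, filters, ALARMS, SUBSCRIPTIONS))
```

To run this against a real account, feed it the parsed output of the five CLI commands named in the step messages; the step that returns False is the one to quote in the support ticket, together with the command output.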
Credit for this solution goes to @yorinasub17