AWS

GuardDuty
- ML that monitors for malicious behaviors
- Monitors VPC Flow Logs, CloudTrail logs and DNS logs
KMS
- You can create keys, configure access to keys, and define who can manage each key
- CMK (customer master key): the logical representation of a master key; includes metadata, key state and date
- HSM (hardware security module): a separate device for key management, encryption and decryption
CloudTrail
- Logs time, identity, metadata, source IP and request parameters of each API call
VPC

Subnet

ACL
- Rules are evaluated in order of rule number, from lowest to highest. When a matching rule number is met, evaluation stops and that rule is applied

Route table
- When traffic leaves the subnet, the router looks at the route table and checks whether the destination IP matches one of the specified destination CIDRs. The longer the /prefix, the more specific the route and the higher its priority for the match
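The two evaluation rules above, first-match-by-number for a network ACL and longest-prefix for a route table, simulated in plain Python as an added example (not part of the original notes; all rules, routes, addresses and the `igw-EXAMPLE`-style targets are constructed placeholders):

```python
# Added example, not from the original notes: simulates how a VPC network ACL
# evaluates numbered rules (lowest number first, first match wins, implicit "*"
# deny at the end) and how a route table picks the most specific route
# (longest /prefix wins). All rules, routes and addresses are constructed.
from ipaddress import ip_address, ip_network

# NACL inbound rules: (rule number, protocol, source CIDR, port range, action).
# Note the ordering lesson: rule 110 must sit BEFORE the blanket deny in 120,
# otherwise SSH from the admin range would never be reached.
NACL_RULES = [
    (100, "tcp", "0.0.0.0/0", (443, 443), "allow"),
    (110, "tcp", "203.0.113.0/24", (22, 22), "allow"),   # admin range (constructed)
    (120, "tcp", "0.0.0.0/0", (22, 22), "deny"),         # SSH from anywhere else
    (130, "tcp", "0.0.0.0/0", (1024, 65535), "allow"),   # ephemeral return ports
]


def nacl_decision(rules, proto, src_ip, port):
    """Return (rule number, action) of the first matching rule in number order."""
    addr = ip_address(src_ip)
    for num, rule_proto, cidr, (lo, hi), action in sorted(rules):
        if rule_proto in (proto, "all") and addr in ip_network(cidr) and lo <= port <= hi:
            return num, action          # evaluation stops at the first match
    return "*", "deny"                  # the catch-all rule every NACL ends with


# Route table: (destination CIDR, target); targets are placeholder ids.
ROUTES = [
    ("10.0.0.0/16", "local"),
    ("0.0.0.0/0", "igw-EXAMPLE"),
    ("10.0.5.0/24", "nat-EXAMPLE"),
    ("10.0.5.0/28", "eni-EXAMPLE"),
]


def route_target(routes, dst_ip):
    """Pick the route with the longest prefix among those containing dst_ip."""
    addr = ip_address(dst_ip)
    matches = [(ip_network(cidr).prefixlen, cidr, target)
               for cidr, target in routes if addr in ip_network(cidr)]
    if not matches:
        return None                     # no route at all: the packet is dropped
    _, cidr, target = max(matches)      # highest prefix length wins
    return cidr, target
```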
Internet Gateway
- Can serve a subnet if the subnet has a custom route table that points to the IGW and the subnet has auto-assign public IPs enabled
AWS Shield
- Protects against layer 3 and layer 4 (network and transport layer) attacks
WAF
- Can set conditions on IP addresses, countries, SQL code and malicious code
Macie
- Works with S3. Uses ML to monitor whether PII (personally identifiable information) or PHI is stored in S3