AWS CloudTrail Monitoring

Get a 360-degree view inside your entire AWS-based infrastructure with Threat Stack’s powerful security insights.

Learn how we can secure your AWS infrastructure
AWS CloudTrail monitoring is one way that Threat Stack comprehensively monitors your infrastructure and workload. Using Threat Stack’s CloudTrail integration, you can be alerted on changes to your instances, security groups, S3 buckets, and access keys, and also see whether any of these changes had adverse effects on your systems. If you have multiple AWS accounts, you can see across accounts to track risk in a single platform. Reduce the exposure window of an attack or insider threat with the ability to know when:
  • Instances are launched in non-standard VPCs or in EC2 classic without VPCs
  • An extensive number of instances are being run in a given time period
  • Instances are being run from a non-standard image
  • Security Groups are created with open ports or open CIDRs
  • Users are created with default policies
  • S3 buckets are accessed by non-standard users
  • S3 buckets are created
  • S3 buckets have policy changes
  • CloudTrail calls result in an access denied
  • Specific access keys are used for a particular CloudTrail call