Centralized logging and threat detection across accounts
WHAT IT TESTS: designing a centralized, tamper-resistant security and logging model across many accounts. ANSWER OUTLINE: use an organization-level setting to enable audit trails in every account and deliver the logs to a dedicated, tightly restricted security or log-archive account; store the logs in immutable, append-only storage whose access controls separate the producers (writers) from the readers; aggregate threat-detection findings centrally under a delegated administrator account. Cross-account roles grant the security team least-privilege, read-only access.
- #security
- #logging
- #multi-account
- #threat-detection
- #cloud