Other important rules for remediating security issues.
It is recommended that GuardDuty is enabled to receive a threat detection service.
It is recommended to avoid stale roles as these could cause access leakage and uncontrolled manipulation with S3 bucket data, which can lead to ransomware violations.
It is recommended to create snapshots for EC2 EBS Volumes to prevent data loss and simplify data recovery in the case of data encryption.
It is recommended to configure EC2 instances for use with SMM to maintain security and compliance.
It is recommended that SecurityHub is enabled for required region.
It is recommended that access to known command and control destinations is gained with the minimum required connectivity in the event of a ransomware or botnet attack.
It is recommended that S3 bucket versioning and MFA Delete are enabled.
It is recommended that a policy to allow object modification using only the defined default KMS Key is defined, which attackers are unlikely to have permissions to change or modify.
It is recommended that public access to S3 Buckets is restricted.
It is recommended that cross-account KMS Key on S3 is cleared.
Updated 2 months ago