Certified Security - Specialty

Sign Up Free or Log In to participate!

masking or avoid logging sensitive information on CloudTrail Logs

Are there any practical solutions to avoid logging or masking (while logging) any sensitive data like KeyID’s or other information that you would’nt want even you security engineers to see. usuallly thre needs to be a balance between the amount of information logged (for making them useful) and the sensitivity of the information logged. any practical solutions could be greatly appreciated. i understand encrypting the logs and varification of logs using digests, but what after the IR team or security engineer has decrypted the logs. is data masking based on regex an option?

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?