Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Detects AWS CloudTrail events that modify Elastic Load Balancer security group associations. Unauthorized changes can expose services to unintended network access or weaken cloud boundary protections. Validate these updates against approved change control and deployment activity.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Amazon Web Services |
| ID | c7bfadd4-34a6-4fa5-82f8-3691a32261e8 |
| Severity | Low |
| Status | Available |
| Kind | Scheduled |
| Tactics | DefenseEvasion |
| Techniques | T1562.007 |
| Required Connectors | AWS, AWSS3 |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AWSCloudTrail |
EventName in "ApplySecurityGroupsToLoadBalancer,SetSecurityGroups" |
✓ | ✓ | ✓ |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊