Visibility and Intelligence for the Cloud
Visibility and Intelligence for the Cloud Courses:
Amazon Web Services (AWS) CloudTrail is a service that enables operational and risk auditing of your AWS account. It collects audit events from Amazon S3 buckets and a Log group in the AWS CloudWatch Logs. CloudTrail allows you to continuously monitor your AWS account activity including actions taken through the Management Console, AWS SDKs, command line, and other services.
QRadar connects through Amazon Web Services' API to retrieve the CloudTrail events, providing
event parsing that not only allows for monitoring of your AWS account
activity, but also for newly created rules to alert on possible AWS
Security violations. AWS-related saved searches are used for reporting,
which allows for analyzing trends on policy and user/group changes, and
In this video, you learn how to configure QRadar to retrieve logs from an AWS cloud environment source. Two use cases demonstrate how useful this integration can be to your cloud security posture.
In this training module you learn IBM QRadar's three tiered approach to securing the cloud. You also learn cloud adoption trends and use cases for securing the cloud.