...
| Expand | ||
|---|---|---|
| ||
Detects the scheduled deletion of KMS keys. Source table → |
| Expand | ||
|---|---|---|
| ||
Detects AWS API activity by users who are not explicitly authorized from an allow list. Detection of unapproved users interacting with the AWS API can prevent, abuse, fraud, and other malicious operations from being executed. Source table → |
AWS CloudWatch alerts
| Expand | ||
|---|---|---|
| ||
This alert detects actions to get STS session tokens, which can be used to move laterally or escalate privileges in AWS. Source table → |
...