AWS Immersion Day with Lacework > Advanced Cloud Security Posture Management (CSPM+) > Cloud Security Compliance
Cloud Security Compliance
Laceworkâs AWS security platform automatically validates all configurations against the controls established as best practices for securing your cloud environment. The first step in preventing an attack is secure your cloud configuration. Lacework monitors your AWS environments and notifies you of security misconfigurations.
- Go to Compliance > Cloud in the Lacework Console to display the Compliance page.
- Choose the Group by Policy.
- Then for Service Category filter choose S3.
- Click on LW_S3_2 Ensure the S3 bucket ACL does not grant ‘Everyone’ WRITE permission [create, overwrite, and delete S3 objects]. This is a critical severity recommendation and lists S3 buckets that are vulnerable.
The noncompliance s3 buckets are identified. - Click on the View context link to view the steps to resolve the noncompliance.
- Click on LW_S3_16 Ensure the S3 bucket has versioning enabled. Versioning is a recommendation to protect yourself from ransomware attacks. This lists S3 buckets that should have versioning enabled.
Lacework provides security recommendations for your cloud environments. These can help you prevent attacks before they happen. Let’s see how these generate events to notify you of issues that you should address.
Challenge
If you don't know how to remediate, how could you learn how?
Use the Additional Info link on the recommendation to find the steps to remediate.