Real Time Alerts For Suspicious Activity And Events On My Cloud Infrastructure
Topics on this page
Relevant users
| User Role | Can Access |
|---|---|
| Technical Team member |  |
| DevOps Team member | |
| Security Analyst | |
| Security Engineer | |
| Compliance Manager | |
| Project Manager | |
| Security Team Management | |
| Consultant | |
Examples
- I am a CSO and want to affirm to the board that the organisation did nor have any breaches since the last time I reported to them.
- I am a SecOps engineer and want to be alerted of suspicious events on the accounts I am responsible for.
Solution
Step 1. Determine the account(s) you want to enable Real-Time Monitoring (RTM) for.
Step 2. Turn on Cloud Conformity’s Real-Time Monitoring (RTM) add-on in Subscriptions.
Step 3. Set up RTM.
Step 4. Set up communication channel(s) for example Slack, Jira, and SMS to receive RTM notifications about suspicious activity.
Create separate channels for different environments eg production, staging, and dev.
Step 5. Set communication triggers to send customised RTM notifications to your communication channels.
Step 6. Monitor RTM notifications within Conformity and your communication channels. Investigate suspicious activity and utilise Cloud Conformity's failed check resolution workflow to remediate.
Use RTM with our open source Auto-remediation project to remediate failures in real time.