
Real Time Alerts For Suspicious Activity And Events On My Cloud Infrastructure

Relevant users

User Role Can Access
Technical Team member
DevOps Team member
Security Analyst
Security Engineer
Compliance Manager
Project Manager
Security Team Management
Consultant

Examples

  • I am a CSO and want to affirm to the board that the organisation did not have any breaches since the last time I reported to them.
  • I am a SecOps engineer and want to be alerted of suspicious events on the accounts I am responsible for.

Solution

Step 1. Determine the account(s) you want to enable Real-Time Monitoring (RTM) for.

Step 2. Turn on Cloud Conformity’s Real-Time Monitoring (RTM) add-on in Subscriptions.

Step 3. Set up RTM.

Step 4. Set up communication channel(s), for example Slack, Jira, and SMS, to receive RTM notifications about suspicious activity.

Create separate channels for different environments, e.g. production, staging, and dev.

Step 5. Set communication triggers to send customised RTM notifications to your communication channels.

Step 6. Monitor RTM notifications within Conformity and your communication channels. Investigate suspicious activity and utilise Cloud Conformity's failed check resolution workflow to remediate.

Use RTM with our open-source Auto-remediation project to remediate failures in real time.