Utilizing Cloud Computing Log Events for Security Automation
The rising use of cloud computing, together with the deployment and management of applications and services at large scale, demands that researchers utilize cloud logs to achieve greater continuity of security and compliance. Cloud security auto-remediation is essential not only for preventing a potential breach, but also for preventing system failure or accidents, and for meeting compliance requirements or legal actions. Most cloud hosting services now provide cloud trails or logs to identify and track security incidents, but that is not enough without acting at the time of the event.
In this research, I present a novel approach for automatic security remediation that can be built from noisy and unstructured cloud logs. The approach utilizes cloud trail logs. Examining the syntax of the records provides a complete picture of the actions taken by a user or role and of the API calls captured for system events.
It is also necessary to understand how log events can be constructed to build a strong remediation policy. In some cases, cloud providers have had little incentive to provide broad administrative access to this set of information, and they often do not provide adequate logs that can be used for security auditing or compliance. The ultimate goal of this research is to connect the dots between different events to build a strong cloud security auto-remediation policy.