· CloudTrail is the first service activated on new AWS accounts to ensure every API call is captured from the onset of the account.
· JHC configures CloudTrail to capture both regional and Global API calls while preventing duplicate global events in the logs.
· JHC deploys custom Identity and Access Management (IAM) permission policies on CloudTrail to prevent unauthorized access to logs.
· JHC Enables versioning and logging on CloudTrail S3 buckets for added protection.
· JHC deploys and configures Splunk Enterprise Instance inside customer's Virtual Private Cloud (VPC) and integrates Splunk with CloudTrail in order to gain additional insight into security related activities.
· JHC creates custom notifications on CloudTrail S3 bucket to immediately notify customers when objects stored are lost.