Log validation should be activated on Cloudtrail logs to prevent the tampering of the underlying data in the S3 bucket. It is feasible that a rogue actor compromising an AWS account might want to modify the log data to remove trace of their actions.
Illicit activity could be removed from the logs
Follow the appropriate remediation steps below to resolve the issue.
Turn on log validation for Cloudtrail
|
|
Turn on log validation for Cloudtrail
|
|