Monitoring: Amazon Macie
Amazon Macie is a new service that helps you discover sensitive data in Amazon S3 buckets and take action to protect your organization’s assets. Amazon Macie can detect types of sensitive information in S3 buckets, including personally identifiable information (PII), financial and regulatory compliance-related data, personally identifiable information from customers, employees, or partners, payment information, and more. You can use Amazon Macie to manually initiate searches on your own or automatically have sensitive data found in your buckets – this way, you can ensure your company maintains a robust security posture while avoiding many false positives by letting the machine do the heavy lifting.
Why should you monitor Amazon Macie findings?
Macie continuously scans S3 buckets for sensitive data and security risks caused by misconfiguration. Therefore, keeping track of the findings recorded by Macie is crucial to ensure data security.
How does monitoring Amazon Macie findings work?
Without further ado, marbot notifies you about findings reported by Amazon Macie. Here is what an alert caused by a Macie finding looks like in Microsoft Teams.
And here is the same alert in Slack.
How do you set up monitoring of AWS Macie findings?
marbot works with Slack and Microsoft Teams. Please select your platform and follow the Getting Started guide.
Which events does marbot monitor in detail?
marbot creates EventBridge rules to monitor the following events automatically.
| Event Type | Description |
|---|---|
Macie Finding |
Get alerted in case of findings with severity >= 3. |
Chatbot for AWS Monitoring
Configure monitoring for Amazon Web Services: CloudWatch, EC2, RDS, EB, Lambda, and more. Receive and manage alerts via Slack. Solve incidents as a team.
