AWS Console Login Failed
This rule monitors for failed AWS console logins.
Risk | Remediation Effort |
Low | Low |
Failed logins may be indicative of brute force attacks or the use of old compromised credentials.
Remediation
In small numbers, this does not bear investigation. In large numbers, check for the possibility of brute force attacks and consider upgrading password strength.
References
- CIS AWS Benchmark 3.6: "Ensure a log metric filter and alarm exist for AWS Management Console authentication failures"
Last modified 2yr ago