Cloudanix
AWS API Gateway Audit
API Gateway Should Be Integrated With WAF
AWS Web Application Firewall (WAF) should be integrated with API Gateway to protect your APIs from common web exploits such as SQLi attacks, XSS attacks and Cross-Site Request Forgery (CSRF) attacks.
Active Tracing Should Be Enabled For API Gateway Stages
Active tracing should be enabled for your Amazon API Gateway API stages to sample incoming requests and send traces to AWS X-Ray. X-Ray can then give you an end-to-end view of an entire HTTP request, so you can analyze latencies in your APIs and their backend services.
CloudWatch Logs Must Be Enabled For All APIs
AWS CloudWatch logs should be enabled for all your APIs created with Amazon API Gateway service in order to track and analyze execution behavior at the API stage level.
CloudWatch Metrics Must Be Enabled For All APIs
Detailed CloudWatch metrics should be enabled for all APIs created with the AWS API Gateway service in order to monitor API stage caching, latency and detected errors at a more granular level and set alarms accordingly.
API Gateway APIs Should Use SSL Certificates
Your Amazon API Gateway APIs should use SSL certificates to verify that HTTP requests made to your backend system come from the API Gateway service.
Content Encoding Should Be Enabled For APIs
The Content Encoding feature should be enabled for your Amazon API Gateway APIs in order to facilitate API payload compression.
Default Execution Endpoint Should Not Be Enabled
The default execution endpoint should not be enabled for your Amazon API Gateway APIs in order to secure your APIs.
Only Private End-Points Should Access APIs
Amazon API Gateway APIs should be accessible only through private API endpoints and must not be visible to the public Internet.
Expiring SSL Client Certificates Should Be Rotated
The client-side SSL certificates used by your Amazon API Gateway REST APIs for secure authentication at the API integration endpoint level should be rotated before their expiration date.