Chapter 4: Automated Security Auditing
As enterprises move their resources and data to the cloud and consume cloud-native SaaS solutions such as Google Workspace, their auditing and compliance story needs to be rewritten. Auditing, monitoring, and observability of these applications and data are very important, and governments and law enforcement expect enterprises to adhere to stricter compliance requirements.
Auditability gives us the chronological sequence of events that led to a change. This is typically achieved via an activity log that applications emit with every event. The ability to stitch together these logs and gather insights is crucial for maintaining a good security posture. Several compliance standards, such as SOC 2, heavily enforce auditability; SOC 2 mandates that audit logs conform to integrity, confidentiality, and privacy requirements.
Monitoring typically tells us what is broken and why. Monitoring functions are important for analyzing long-term...