This allows us to monitor the DNS queries coming out of our compute clusters. Should we find any egress to places we do not trust, we can assume that malicious activity is going on.
Risk: Not able to identify malicious activity.
Acceptance criteria:
[ ] DNS logging enabled
[ ] Notification sent to appropriate channel once DNS query logged
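One way to implement the check described above, as an added example that is not part of the original ticket: it scans DNS query log records and returns the queries whose names fall outside a trusted-suffix allowlist. The log format (one JSON object per line with `source` and `qname` fields), the allowlist values, and all function names are assumptions made for illustration.

```python
import json

# Assumed allowlist of trusted DNS suffixes (hypothetical values).
TRUSTED_SUFFIXES = ("cluster.local", "internal.example.com")

# Constructed sample records, one JSON object per line. The field names
# ("source", "qname") are assumptions, not a real provider's schema.
SAMPLE_LOG = """\
{"source": "node-a", "qname": "kube-dns.kube-system.svc.cluster.local."}
{"source": "node-a", "qname": "API.Internal.Example.com"}
{"source": "node-b", "qname": "notinternal.example.com"}
{"source": "node-b", "qname": "internal.example.com.untrusted.test"}
not-json garbage line
{"source": "node-c"}
"""

def normalize(qname):
    """Lower-case and drop the root dot so comparisons are canonical."""
    return qname.strip().lower().rstrip(".")

def is_trusted(qname, suffixes=TRUSTED_SUFFIXES):
    """True if qname equals a trusted suffix or is a subdomain of one."""
    # Matching on a label boundary keeps "notinternal.example.com" from
    # passing, which a bare endswith("internal.example.com") would allow.
    name = normalize(qname)
    return any(name == s or name.endswith("." + s) for s in suffixes)

def find_untrusted(log_text):
    """Return (alerts, unparsed); alerts are the records to notify on."""
    alerts, unparsed = [], []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except ValueError:
            rec = None
        qname = rec.get("qname") if isinstance(rec, dict) else None
        if not isinstance(qname, str):
            unparsed.append(line)  # a logging gap worth surfacing, not hiding
            continue
        if not is_trusted(qname):
            alerts.append((rec.get("source"), normalize(qname)))
    return alerts, unparsed

if __name__ == "__main__":
    for source, qname in find_untrusted(SAMPLE_LOG)[0]:
        print(f"ALERT untrusted DNS query from {source}: {qname}")
```

Records that cannot be parsed are returned separately so that missing or malformed log data is reviewed instead of silently passing the check.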