As a Modernisation Platform Engineer
I want to be alerted of security incidents reported by AWS tools
So that I can respond to them in a timely fashion
User Type(s)
Value
How do we make sure that we are aware of any security incidents that happen on the platform?
Can we leverage existing tools such as Security Hub?
We need to be alerted to critical/high security warnings from AWS Security Hub, whilst also being able to filter out the criticals which we have dismissed.
Questions / Assumptions / Hypothesis
Definition of done
[ ] review current alerting being sent into Slack alerting channels
[ ] e.g. SecurityHub into low-priority-alerts
[ ] sources of potential information identified (e.g. SecurityHub)
[ ] possible methods for notifying the team on an alert identified
Reference
How to write good user stories