Skip to content

Commit

Permalink
remove unneeded words
Browse files Browse the repository at this point in the history
  • Loading branch information
@paulschwarzenberger
paulschwarzenberger committed Jan 25, 2024
1 parent 8508c35 commit 5ffbc4d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ It's very important to implement your certificate authority (CA) in a secure way
* store user / device private keys in hardware if possible
* monitor CloudTrail for suspicious events, e.g. unauthorised signing using a CA KMS asymmetric key
* export CloudTrail and CloudWatch logs to a central SIEM
* create rules to alert on potential attacks, e.g. CloudTrail event showing CA KMS signing not correlated to a Lambda function log in CloudWatch
* create rules to alert on potential attacks, e.g. CloudTrail event showing CA KMS signing not correlated to Lambda function log in CloudWatch
* update the CA regularly and ensure no vulnerable dependencies
* run regular security scans on CA AWS accounts or link to a CSPM
* consider an independent security review of the CA infrastructure and applications using certificates issued by the CA
Expand Down

0 comments on commit 5ffbc4d

Please sign in to comment.