Cloud Network Access Control List Deleted
Enforcing network-access controls is one of the defensive mechanisms used by cloud administrators to restrict access to a cloud instance. After the attacker has gained control of the console by compromising an admin account, they can delete a network ACL and gain access to the instance from anywhere. This search will query the Change datamodel to detect users deleting network ACLs.
This content is not mapped to any local saved search. Add mapping
Cloud Network Access Control List Deleted Help
You must be ingesting your cloud infrastructure logs from your cloud provider. You can also provide additional filtering for this search by customizing the
Open in Search