OCI-009 Oracle Cloud Infrastructure (OCI)

Notifications/Events alert on IAM, network and policy changes.

Notifications/Events alert on IAM, network and policy changes.

Domain
Oracle Cloud Infrastructure (OCI)
Area
Logging
Automated / manual
Automated

Risk if it fails

Silent malicious changes go unnoticed.

If nobody is alerted when a security rule changes, an attacker can open a door, use it, and close it again without anyone ever being notified.

How Tess tests it

1 test — each concludes only on cited evidence.

Notifications/Events alert on IAM, network and policy changes.

Automated
Procedure
Confirm Event rules + Notification topics for critical changes.

Read-only command 

oci events rule list --compartment-id <tenancy-ocid> --all --query 'data[].{name:"display-name",enabled:"is-enabled"}'

More in Oracle Cloud Infrastructure (OCI)

OCI-001 MFA is enforced for all IAM users, especially administrators. OCI-002 Customer secret keys / API keys are rotated regularly (<=90 days). OCI-003 A strong password policy is configured. OCI-004 Membership of the Administrators group is minimal.

Want Tess to test OCI-009 against your evidence?

Book a demo