| ID | Title | Objective |
|---|---|---|
| CCC.Monitor.CN01 | Rate Limiting on External Monitoring | Prevent DoS attacks using External Monitoring tools. |
| CCC.Monitor.CN02 | Rate Limiting on Metric Generation | Prevent Malicious Actor or misconfiguration from flooding services with metric data. |
| CCC.Monitor.CN03 | Access External Monitoring | Control access to Synthetic monitoring solutions using API keys or Certificate based authentication to ensure they don't become an attack path, preventing monitoring systems from forging network requests to gain access to internal systems. |
| CCC.Monitor.CN04 | Restrict access to Monitoring Dashboards | Control access to Monitoring Dashboards and reports to ensure they don't highlight an attack path. |
| CCC.Monitor.CN05 | Restrict access to silence or acknowledge an alert | Ensure only a subset of users can silence or acknowledge alerts to prevent attackers hiding their activity. |
| CCC.Monitor.CN06 | Metrics pushed for authorised services only | Use IAM to control which types of metrics or traces can be pushed by different system to avoid a compromised system pushing fabricated metrics about a different service |
Management / Monitoring
Controls
Version: