It's like a native feature. It's like a single audit point for everything AWS. Any changes made by users or roles get saved in CloudTrail. It's gotta be enabled; it's the most important security feature on AWS.
Security Engineer-DevSecOps at a computer software company with 51-200 employees
Simplifies security monitoring and troubleshooting by making it easy to identify suspicious activity
Pros and Cons
- "It is a stable solution. AWS handles it well."
- "Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
What is our primary use case?
What needs improvement?
Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great.
For how long have I used the solution?
I have been using it for three years now.
What do I think about the stability of the solution?
It is a stable solution. AWS handles it well.
Buyer's Guide
AWS CloudTrail
November 2024
Learn what your peers think about AWS CloudTrail. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
What do I think about the scalability of the solution?
There are five to six admins using this solution, we don't have separate user groups.
How was the initial setup?
It is a one-click deployment.
What's my experience with pricing, setup cost, and licensing?
CloudTrail itself is free of cost.
What other advice do I have?
I'd advise to integrate it with your security solution and correlate logs across AWS. That's the single point to start understanding if your account is compromised. And always keep a backup of the logs.
And make sure those logs are kept in a separate AWS account from the main one. First thing any attacker would do is delete those logs to cover their tracks. Forensics becomes very tough without them.
Overall, I would rate the solution a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure/Systems Admin at a financial services firm with 201-500 employees
Has a valuable feature for monitoring and a simple setup process
Pros and Cons
- "The product’s most valuable feature is monitoring. It helps us audit the changes in AWS account at the application and resource level."
- "The platform’s reporting log sheet feature could be more user-friendly."
What is our primary use case?
We use the product for monitoring activities of AWS accounts in terms of operational review, governance, and compliance.
What is most valuable?
The product’s most valuable feature is monitoring. Changes in AWS account at the application and resource level are easily audited with cloudtrail.
What needs improvement?
The platform’s reporting log sheet feature could be more user-friendly.
For how long have I used the solution?
We have been using AWS CloudTrail for three years now.
What do I think about the stability of the solution?
It is a stable product.
What do I think about the scalability of the solution?
We have three administrators using AWS CloudTrail in our organization.
How was the initial setup?
The initial setup is easy. It has default functionality for application and resource-level monitoring of databases.
What other advice do I have?
I rate AWS CloudTrail an eight out of ten. I recommend the solution if you are auditing compliance and security for data usage.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free AWS CloudTrail Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
User Activity MonitoringPopular Comparisons
CyberArk Privileged Access Manager
Ekran System
Buyer's Guide
Download our free AWS CloudTrail Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating User Activity Monitoring, what aspect do you think is the most important to look for?
- Looking for recommendations and a pros/cons template for software to detect insider threats
- What insider threat detection tool do you recommend to a company with a modest budget?
- What is your recommended software product to secure your LAN?
- What features are important in user activity monitoring software?
- What user activity monitoring software do you recommend?