02 - API Gateway Tracing Enabled

Integrate API Gateway with X-Ray Tracing

AWS API Gateway allows for exposing direct, programmatic access to your application. Understanding what calls are being made and as what data is being exposed can better help your understand execution behavior and see where behavior deviates, as well as understanding any latency issues with-in your api. This also allows for you to better understand if there is data being exposed on particular endpoints where it should not be. This is why enabling CloudWatch logging on your API stages is considered a security best practice. Having a full inventory of all of your API endpoints and seeing what your current logging is and can help with NIST compliance.

Audit & Remediation

Login into your AWS account
Navigate to the EC2 service at: https://console.aws.amazon.com/apigateway
In the left navigation panel, select APIs to list all APIs.

Select the hyperlink of the API that you want to inspect.
In the left hand panel, select Stages, then in middle panel select the Version and finally under Logs/Tracing verify the Enable X-Ray Tracing is checked.

Continue the outlined process in all stages for the specified API endpoint.
Continue the outlined process for all API endpoints.
Continue the outlined process for all API endpoints in all other regions.

See all certificates in a single place!

Do you want to see all of your ACM certificates in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.