Set up AWS for a SOC2 audit
Enable necessary services to start collecting data for a security audit (SOC2).
- Enable AWS Config to be able to add new security rules.
- Enable Security Hub to start collecting checks and select a specific set of rules. Bonus point: enable PCI DSS if you process credit card data.
- Meanwhile fix all Trusted Advisor suggestions (this will take a while).
- Enable GuardDuty (this is one of the rules that will be added after enabling Security Hub).
- Enable AWS Inspector to start scanning EC2/ECR for known vulnerabilities.
- Continue fixing all issues collected in Security Hub.
- Repeat previous step.
- After all checks have passed, enable Audit Manager to start collecting evidence. It's recommended to start it not long before the actual audit starts.
- ...
- Profit! Repeat regularly.
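
The steps above as an AWS CLI script, added here as an example and not part of the original checklist. The IAM role ARN, bucket name, default region and the DRY_RUN / ENABLE_PCI switches are assumptions; the audit step refuses to enable Audit Manager while Security Hub still reports open failed checks.

```shell
# Added example. CONFIG_ROLE_ARN and CONFIG_BUCKET are placeholders (assumptions)
# for an IAM role and S3 bucket that must already exist in your account.
REGION="${AWS_REGION:-us-east-1}"
CONFIG_ROLE_ARN="${CONFIG_ROLE_ARN:-arn:aws:iam::111122223333:role/CONFIG-ROLE-PLACEHOLDER}"
CONFIG_BUCKET="${CONFIG_BUCKET:-config-bucket-placeholder}"
DRY_RUN="${DRY_RUN:-1}"  # 1 = only print the change commands, 0 = execute them
run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

enable_collectors() {
  # Same order as the list: Config, Security Hub (+ PCI DSS), GuardDuty, Inspector.
  run aws configservice put-configuration-recorder --region "$REGION" \
    --configuration-recorder "name=default,roleARN=$CONFIG_ROLE_ARN" \
    --recording-group allSupported=true,includeGlobalResourceTypes=true &&
  run aws configservice put-delivery-channel --region "$REGION" \
    --delivery-channel "name=default,s3BucketName=$CONFIG_BUCKET" &&
  run aws configservice start-configuration-recorder --region "$REGION" \
    --configuration-recorder-name default &&
  run aws securityhub enable-security-hub --region "$REGION" --enable-default-standards &&
  if [ "${ENABLE_PCI:-0}" = 1 ]; then  # only if you process credit card data
    run aws securityhub batch-enable-standards --region "$REGION" \
      --standards-subscription-requests \
      "StandardsArn=arn:aws:securityhub:$REGION::standards/pci-dss/v/3.2.1"
  fi &&
  run aws guardduty create-detector --region "$REGION" --enable &&
  run aws inspector2 enable --region "$REGION" --resource-types EC2 ECR
}

# Read-only, so it always queries AWS: number of failed checks nobody has closed.
open_failed_findings() {
  aws securityhub get-findings --region "$REGION" --output json \
    --query 'length(Findings)' --filters '{
      "ComplianceStatus": [{"Value": "FAILED", "Comparison": "EQUALS"}],
      "RecordState":      [{"Value": "ACTIVE", "Comparison": "EQUALS"}],
      "WorkflowStatus":   [{"Value": "NEW", "Comparison": "EQUALS"},
                           {"Value": "NOTIFIED", "Comparison": "EQUALS"}]}'
}

enable_audit_manager() {
  open=$(open_failed_findings) || return 2
  # Fail closed: anything other than an exact 0 blocks the Audit Manager step.
  [ "$open" = 0 ] || { echo "failed checks still open ($open): keep fixing" >&2; return 1; }
  run aws auditmanager register-account --region "$REGION"
}

case "${1:-}" in
  enable) enable_collectors ;;
  audit)  enable_audit_manager ;;
esac
```

Invoke with `enable` or `audit` as the first argument; DRY_RUN=0 applies the changes instead of printing them.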