In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Insufficient Logging vulnerabilities in an interactive lesson.
Start learningUpgrade @hulumi/baseline to version 1.3.2 or higher.
@hulumi/baseline is a Hardened Pulumi baseline components for AWS and GitHub — SecureBucket, AccountFoundation, AWS organization guardrails, secure primitives, detection foundations, SecureRepository, OrgFoundation. SLSA Build L3 attestation on every release.
Affected versions of this package are vulnerable to Insufficient Logging in the detection process for CloudTrail selector tampering events. An attacker can evade detection of unauthorized changes to audit logging configurations by manipulating CloudTrail event selectors.