Continuously audit and monitor ACM Certificate configurations and enforce security compliance as code with Panther.
AWS Certificate Manager (ACM) handles creating, storing, and renewing public and private SSL/TLS certificates and keys that protect your AWS websites and applications. Use Panther to track real-time changes to your ACM certificates to ensure configurations meet your business requirements for security and compliance.
Monitoring ACM is critical for understanding the history of public and private SSL/TLS certificate changes and detecting suspicious activity. Use Panther’s built-in policies for continuous monitoring of ACM resources, or write your own detections in Python to fit your internal business use cases.
Common security use cases for ACM certificates with Panther include:
- Ensure all ACM certificates are using secure key and signature algorithms
- Monitor ACM certificate expiration
- Check whether an ACM certificate whose renewal is pending or has failed is in use by any other resources within the account
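The three checks above can be combined in one Python policy. The following is an added example, not Panther's built-in policy code. It assumes the resource dict uses the field names of the ACM `DescribeCertificate` response and that a `policy(resource)` function returns `True` for a compliant resource; the thresholds, allow-lists and the `evaluate_certificate` helper are hypothetical.

```python
from datetime import datetime, timedelta, timezone

# Assumed thresholds and deny-lists; tune them to your own requirements.
EXPIRY_WINDOW = timedelta(days=30)
WEAK_KEY_ALGORITHMS = {"RSA_1024"}
WEAK_SIGNATURE_HASHES = ("MD5", "SHA1")
# PENDING_AUTO_RENEWAL is routine, so only stalled states are flagged here.
STALLED_RENEWAL_STATES = {"PENDING_VALIDATION", "FAILED"}

# Constructed sample resource, shaped like an ACM DescribeCertificate result.
SAMPLE = {"KeyAlgorithm": "RSA_1024", "SignatureAlgorithm": "SHA1WITHRSA",
          "NotAfter": "2024-01-10T00:00:00Z", "InUseBy": ["arn:aws:example"],
          "RenewalSummary": {"RenewalStatus": "FAILED"}}


def _as_datetime(value):
    """Accept a datetime or an ISO-8601 string; return an aware datetime."""
    if isinstance(value, str):
        value = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return value if value.tzinfo else value.replace(tzinfo=timezone.utc)


def evaluate_certificate(cert, now=None):
    """Return a list of findings; an empty list means compliant."""
    now = now or datetime.now(timezone.utc)
    findings = []
    if cert.get("KeyAlgorithm") in WEAK_KEY_ALGORITHMS:
        findings.append("weak key algorithm")
    sig = (cert.get("SignatureAlgorithm") or "").upper().replace("-", "")
    if sig.startswith(WEAK_SIGNATURE_HASHES):
        findings.append("weak signature algorithm")
    if cert.get("NotAfter") is not None:
        remaining = _as_datetime(cert["NotAfter"]) - now
        if remaining <= timedelta(0):
            findings.append("expired")
        elif remaining <= EXPIRY_WINDOW:
            findings.append("expires soon")
    # A stalled renewal only matters if something still serves the certificate.
    renewal = (cert.get("RenewalSummary") or {}).get("RenewalStatus")
    if renewal in STALLED_RENEWAL_STATES and cert.get("InUseBy"):
        findings.append("renewal stalled while in use")
    return findings


def policy(resource):
    """Assumed policy entry point: True means the resource is compliant."""
    return not evaluate_certificate(resource)
```

Returning the individual findings from `evaluate_certificate` lets the same logic feed an alert description, while `policy` collapses them to a pass/fail result.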
How it Works
The integration is simple and fast:
- Connect your AWS account(s) to Panther
- A baseline scan is performed to identify all existing ACM certificates enabled in your AWS applications
- Built-in detections identify security issues
- Alerts will be sent if non-compliant ACM Certificates exist
Use Panther to search all ACM Certificates by name, view their compliance status, associated policies, and configured remediations. Learn more about using Panther to analyze your AWS logs for security insights.