Ensure CloudWatch has an Alarm for Security Group Changes
Amazon CloudWatch is a monitoring and observability service that gives real-time insight into the actions and metrics within your infrastructure. CloudWatch lets you create alarms that trigger actionable responses to events. Knowing when a security group changes can alert you to a potential security incident, which is why alarming on these changes is considered a security best practice. It also helps you stay compliant with the CIS benchmark. If you need to create additional alarms for other services, you can leverage our CloudTrail Event Generator tool to help you create the event pattern.
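An audit of this control can be scripted. The following is an added example, not code from this page or its tooling: it checks whether a metric filter covers the EC2 security group API calls and whether an alarm with an enabled action watches the resulting metric. It assumes inputs shaped like the CloudWatch Logs `describe_metric_filters` and CloudWatch `describe_alarms` responses; the list of six event names is supplied here rather than taken from the page, and the filter, alarm, namespace and ARN values are constructed samples.

```python
import re

# EC2 API calls that create, delete or modify a security group
# (assumption of this example; the page itself does not list them).
SG_EVENTS = {
    "AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
    "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
    "CreateSecurityGroup", "DeleteSecurityGroup",
}

def events_in_pattern(pattern):
    """Event names a filter pattern matches via `$.eventName = Name`.
    Simplification: only equality terms are extracted; the boolean
    structure of the pattern is not evaluated."""
    return set(re.findall(r'\$\.eventName\s*=\s*"?(\w+)"?', pattern))

def audit(metric_filters, alarms):
    """Return (compliant, findings) for security group change alarming."""
    findings = []
    for f in metric_filters:
        covered = events_in_pattern(f["filterPattern"]) & SG_EVENTS
        if not covered:
            continue  # filter is about something else
        missing = SG_EVENTS - covered
        if missing:
            findings.append(f"{f['filterName']}: pattern misses {sorted(missing)}")
            continue
        metrics = {(t["metricNamespace"], t["metricName"])
                   for t in f["metricTransformations"]}
        matched = [a for a in alarms
                   if (a["Namespace"], a["MetricName"]) in metrics]
        if any(a.get("ActionsEnabled", True) and a.get("AlarmActions")
               for a in matched):
            return True, []
        findings.append(f"{f['filterName']}: " + (
            "alarm has no enabled action" if matched else "no alarm on its metric"))
    return False, findings or ["no metric filter covers security group changes"]

# Constructed sample data (hypothetical names, placeholder account id).
PATTERN = "{ " + " || ".join(
    f"($.eventName = {e})" for e in sorted(SG_EVENTS)) + " }"
FILTERS = [{"filterName": "sg-changes", "filterPattern": PATTERN,
            "metricTransformations": [{"metricNamespace": "CISBenchmark",
                                       "metricName": "SecurityGroupEventCount"}]}]
ALARMS = [{"AlarmName": "sg-changes-alarm", "Namespace": "CISBenchmark",
           "MetricName": "SecurityGroupEventCount", "ActionsEnabled": True,
           "AlarmActions": ["arn:aws:sns:us-east-1:111122223333:security-alerts"]}]

if __name__ == "__main__":
    print(audit(FILTERS, ALARMS))
```

The findings list distinguishes an incomplete pattern, a metric with no alarm, and an alarm that would fire without notifying anyone, which are the three ways this control usually fails in practice.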