Not a user yet?
Log in Register for free Suggest a product
Update

AWS CloudTrail ingestion (Preview)

Defender for CloudDefender for Cloud
Microsoft

AWS CloudTrail ingestion (Preview)
December 17, 2025

AWS CloudTrail management event ingestion is now available in preview in Microsoft Defender for Cloud.

When enabled, AWS CloudTrail ingestion enhances Cloud Infrastructure Entitlement Management (CIEM) by incorporating observed AWS management event activity alongside existing entitlement signals such as Access Advisor data. The additional usage context helps improve the accuracy of AWS security recommendations, including identifying unused permissions, dormant identities, and potential privilege escalation paths.

CloudTrail ingestion is supported for single AWS accounts and AWS Organizations that use centralized logging.

More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Banner Logitech