Instances should have Shielded VM integrity monitoring enabled
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | compute |
| Provider | |
| Vulnerability Type | omission |
Description
VM instances are deployed without Shielded VM integrity monitoring enabled, preventing detection of unauthorized or unexpected changes to the VM’s boot process or system files.
Impact
Without integrity monitoring, malicious modifications to the VM’s boot state or firmware may go unnoticed, increasing the risk of persistent threats and undetected compromise that could lead to data breaches or system control loss.
Resolution
Enable Shielded VM Integrity Monitoring
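
One way to check for this omission across existing instances, as an added example that is not part of the original rule. It assumes Google Compute Engine instance resources as returned by `gcloud compute instances list --format=json`; the instance names and project are constructed, and treating an absent setting as a finding is this example's own policy choice.

```python
import json

# Constructed sample shaped like `gcloud compute instances list --format=json`
# output. Names, project and zones are made up for this example.
_ZONES = "https://www.googleapis.com/compute/v1/projects/example-project/zones/"
SAMPLE_INSTANCES = json.loads("""
[
  {"name": "web-1", "zone": "%(z)sus-central1-a",
   "shieldedInstanceConfig": {"enableSecureBoot": true, "enableVtpm": true,
                              "enableIntegrityMonitoring": true}},
  {"name": "batch-7", "zone": "%(z)seurope-west1-b",
   "shieldedInstanceConfig": {"enableSecureBoot": false, "enableVtpm": true,
                              "enableIntegrityMonitoring": false}},
  {"name": "legacy-db", "zone": "%(z)sus-east1-c"}
]
""" % {"z": _ZONES})


def integrity_monitoring_state(instance):
    """Return 'enabled', 'disabled' or 'missing' for one instance resource."""
    config = instance.get("shieldedInstanceConfig")
    if not isinstance(config, dict) or "enableIntegrityMonitoring" not in config:
        return "missing"  # assumption: an absent setting counts as a finding
    # Only a real boolean true passes; strings such as "true" do not.
    return "enabled" if config["enableIntegrityMonitoring"] is True else "disabled"


def audit(instances):
    """Return one finding per instance without integrity monitoring confirmed on."""
    findings = []
    for inst in instances:
        state = integrity_monitoring_state(inst)
        if state == "enabled":
            continue
        name = inst.get("name", "<unnamed>")
        zone = inst.get("zone", "").rsplit("/", 1)[-1]  # zone is a full URL
        findings.append({
            "name": name, "zone": zone, "state": state,
            # The instance has to be stopped before this update is accepted.
            "fix": f"gcloud compute instances update {name} "
                   f"--zone {zone} --shielded-integrity-monitoring",
        })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_INSTANCES):
        print(f"{f['name']} ({f['zone']}): integrity monitoring {f['state']}")
        print(f"  remediation: {f['fix']}")
```

An instance reported as `missing` may be running an image that does not support Shielded VM, in which case the update command is rejected until the instance is moved to a supported image.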