This article examines how attackers can exploit log data in cloud environments for enumeration and intelligence gathering. It discusses the types of logs generated by major cloud providers like AWS, Azure, and GCP, and highlights the importance of rethinking log access to enhance security. Practical mitigation strategies for defenders are also presented.

Amazon CloudWatch now allows users to enable deletion protection for their log groups. This feature prevents accidental deletions, ensuring critical operational and compliance logs are preserved. Administrators can activate this protection during log group creation or for existing groups.