When using event logs to monitor for security violations and incidents, the quality of output is determined by the quality of the input. Much of the logging being used is subpar, and there has been little industry incentive to fix it. This, in turn, is preventing true cloud security because cloud platform logs don’t contain useful information.
It doesn’t have to be this way. Remedying the “garbage in, garbage out” problem is possible, but it requires an understanding of what is causing the problem in the first place.