Came across this very cool article on Cloud security automation - think Cloud Security Posture Management (CSPM) solutions. The author describes 4 levels of automation:
Level 1: Ensure Visibility and Accountability through Logging
Level 2: More Impactful Best Practices
Level 3: Governance and Account Hygiene
Level 4: “Classic” Automated Remediation
Notably, these levels align nicely with what the CIS Benchmarks already prescribe as a best practice. So do you need a CSPM tool? Well, that is for you to decide, and depends on how deep your pockets are.