Aws
Available solutions
- Unrestricted access between network segments - AWS
- Excessive privileges - AWS
- Business information leak - AWS
- Non-encrypted confidential information - AWS
- Authentication mechanism absence or evasion - AWS
- Use of an insecure channel - AWS
- Traceability Loss - AWS
- Automatic information enumeration - AWS
- Insecure service configuration - AWS
- Insecure service configuration - Bucket
- Non-encrypted confidential information - Hexadecimal
- Weak credential policy - Password strength
- Unrestricted access between network segments - RDS
- Lack of protection against deletion - RDS
- Insecure service configuration - IAM
- Automatic information enumeration - Open ports
- Non-encrypted confidential information - Redshift Cluster
- Non-encrypted confidential information - DynamoDB
- Traceability Loss - API Gateway
- Non-encrypted confidential information - DB
- Excessive privileges - Wildcards
- Unauthorized access to files - Debug APK
- Use of an insecure channel - HTTP
- Insecure service configuration - ELB
- Privilege escalation
- Serverless - one dedicated IAM role per function
- Security controls absence - Monitoring
- Insecure service configuration - Security Groups
- Insecure service configuration - KMS
- Non-encrypted hard drives
- Insufficient data authenticity validation - Cloudtrail Logs
- Unauthorized access to files - S3 Bucket
- Lack of protection against deletion - DynamoDB
- Weak credential policy - Password Expiration
- Lack of protection against deletion - ELB
- Non-encrypted confidential information - EBS Volumes
- Business information leak - Credentials
- Guessed weak credentials
- Non-encrypted confidential information - EFS
- Insecure service configuration - EC2
- Improper authorization control for web services - RDS
- Automatic information enumeration
- Insecure service configuration - DynamoDB
- Lack of protection against deletion - EC2
- Weak credential policy - Temporary passwords
- Insecure encryption algorithm - SSL/TLS
- Non-encrypted confidential information - S3 Server Side Encryption
- Insecure encryption algorithm - Default encryption