S3 Bucket Allows Authenticated READ Access
Ensure that your S3 buckets content cannot be listed by AWS authenticated accounts or IAM users in order to protect...
All articles by Orca Security
S3 Bucket Allows Authenticated WRITE Access
Ensure that your S3 buckets cannot be accessed for write actions by AWS authenticated accounts or IAM users in order...
AWS S3 bucket has global view ACL permissions enabled
The bucket's ACL Grants allow global Read access. This allows unknown and unauthenticated users to access all the data stored...
S3 Bucket Allows Public Access via Bucket Policies
Ensure that your S3 buckets are not publicly accessible via bucket policies in order to protect against unauthorized access. Allowing...
MemoryStore Redis instance AUTH is disabled
GCP MemoryStore is a service that allows you to construct your apps by using open source caching engines: Memcached or...
RDS database snapshot is shared with AWS accounts
Amazon Relational Database Service (RDS) allows setting up a relational database instance in the cloud. RDS snapshot is a point-in-time...
EMR Cluster is publicly accessible
The EMR Cluster {AwsEmrCluster} is publicly accessible. Emr cluster should only be accessible from private endpoints in order to prevent...
KMS key is anonymously/publicly accessible
Granting permissions to allUsers or allAuthenticatedUsers allows anyone to access the dataset. Such access might not be desirable if sensitive...
Redshift publicly accessible
A Redshift cluster is publicly accessible. This means that anyone on the internet can connect to it. Malicious actors may...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.
Chat with Us
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.
Chat with an Orca ExpertNo Slack account required.