Route 53 Domain has Privacy Protection disabled
Route 53 domain {AwsRoute53Domain} does not have privacy protection enabled. Without privacy protection all contact information for the domain will...
All articles by Orca Security
KMS default keys in use
It was found that {AwsKmsKey} is an AWS-managed key, which is the default. Check AWS services to ensure the default...
DynamoDB table is not encrypted using customer-managed KMS key
DynamoDB table {AwsDynamodbTable} is encrypted using AWS-managed KMS key, instead of customer-managed KMS key
K8S API server configuration request-timeout is more the 60 seconds
Setting global request timeout allows extending the API server request timeout limit to a duration appropriate to the user's connection...
Security Hub is not enabled in all regions
AWS Security Hub provides you with a comprehensive view of your security state in AWS and helps you check your...
Kubernetes scheduler –profiling argument is not set to false
It was found that the argument --profiling in the Scheduler pod specification file is not set to False. Profiling is...
Kube-Proxy configuration file permissions are too permissive
It was found that the Kube-Proxy configuration file's permissions are too broad. Setting the file's permissions to be permissive might...
Kubernetes Controller Manager –profiling argument is not set to false
It was found that the argument --profiling in the Controller Manager configuration file is not set to False. Profiling is...
Kubernetes Controller Manager terminated pod garbage collector argument is not set appropriately
It was found that the argument --terminated-pod-gc-threshold in the Controller Manager configuration file is not set appropriately. This argument indicates...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.