Leaked Os Password
Leaked passwords were found on the operating system's user accounts. Leaked passwords are taken from known major data leaks and...
All articles by Orca Security
Redshift using default port
It was found that Redshift uses the default port (5439) for database access. It exposes the database to brute force...
Ensure a Custom Role is Assigned Permissions for Administering Resource Locks
There is no custom role to administer resource locks. Azure resource locks allow you to protect sensitive resources from accidental...
SSH Public Key Rotation (90 Days)
Rotating periodically the SSH keys assigned to your IAM users will significantly reduce the chances that a compromised set of...
AWS Secrets Manager secret with automatic rotation disabled
AWS Secrets Manager helps you to store and protect secrets needed to access your applications, services, and IT resources. Rotating...
AWS Secrets Manager secret was not used in the last 90 days
AWS Secrets Manager helps you to store and protect secrets needed to access your applications, services, and IT resources. We...
Weak Encryption Key
The following SSH Keys are defined with low level of encryption. This counfiguration might allow key cracking and compromise.
KMS encryption key rotation period is bigger than 90 days
Rotating kms keys regularly helps prevent brute-force attacks enabled by cryptanalysis and limits the number of actual messages vulnerable in...
App Service Authentication is off
By Enabling Authentication, every incoming HTTP request passes through it before being handled by the application code. It also handles...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.