Neglected assets

Classic Load Balancer’s Listener with SSL policy and certificate not from AWS Certificate Manager

Platform(s)
Compliance Frameworks
  • AWS Foundational Security Best Practices Controls
    • ,
  • CCM-CSA
    • ,
  • CCPA
    • ,
  • cis_8
    • ,
  • CPRA
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • mpa
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • PDPA

Description

Classic Load Balancer (ELB) provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. The Classic Load Balancer {AwsEc2Elb} was found to have a listener with SSL Security Policy and a Certificate that was not issued by AWS Certificate Manager. This could result in an un-secure connection with weak encryption.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo