Data at risk

EBS snapshot is shared with unknown AWS accounts

Platform(s)
Compliance Frameworks

coppa, CPRA, Data Security Posture Management (DSPM) Best Practices, essential_8_au, essential_8_au_level_1, essential_8_au_level_2, Mitre ATT&CK, mpa, NIST 800-171, NIST 800-53, pipeda

Description

Amazon EBS (Elastic Block Storage) provide block level storage service designed to be used with EC2 instances. EBS snapshot is a point-in-time copy of the data stored in a EBS volume. It was detected that the EBS snapshot {AwsEc2EbsSnapshot} is shared with AWS accounts that are not in your organization. The AWS accounts are: [{AwsEc2EbsSnapshot.UnknownPermittedCloudAccounts}]. These accounts have the ability to copy the EBS snapshot and even create a volume from it. The volume can then be attached to an EC2 instance, from which the data stored in the EBS volume can be accessed.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo