Data at risk

Redshift publicly accessible

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, Brazilian General Data Protection (LGPD), CCPA, coppa, CPRA, Data Security Posture Management (DSPM) Best Practices, GDPR, HITRUST, ISO 27701, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, PDPA, pipeda, UK Cyber Essentials

Description

A Redshift cluster is publicly accessible. This means that anyone on the internet can connect to it. Malicious actors may discover the internet-facing cluster and try to compromise it via targeted attacks.