Data at risk

S3 Bucket Allows Public GET

Platform(s)
Compliance Frameworks
  • HITRUST
  • ,
  • Mitre ATT&CK
  • ,
  • Orca Best Practices

Description

Orca has detected that your s3 bucket '{AwsS3Bucket}' can be publicly accessed for GET actions. An S3 bucket that grants GET (read) access to everyone can allow anonymous users to read the objects within the bucket.