Vendor services misconfigurationsCloud function with public invoker privileges
Platform(s)
Compliance Frameworks
Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, CPRA, essential_8_au, GDPR, HITRUST, ISO 27701, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, PDPA, pipeda, UK Cyber Essentials
Description
GCP cloud function {GcpCloudFunction} was detected running with public invoker privileges, allowing any user on the internet to invoke the function.
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.