Suspicious activity

Anomaly detection: Role increased activity in accessing public s3 bucket with PII

Platform(s)

Description

Unlike in the past, the role has an increased activity in accessing s3 bucket. Furthermore it was found that the role changed the s3 bucket's policy to public access. This is an anomaly in this role's behavior and might indicate on an exfiltration attempt. An attacker might create a public bucket to share confidential information outside the environment. The s3 bucket mentioned contains PII.
Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.