AWS Guard Duty: S3 Bucket with API calls against a public S3 Bucket with sensitive personally identifiable information (PII) from a suspicious source

Suspicious activity

AWS Guard Duty: S3 Bucket with API calls against a public S3 Bucket with sensitive personally identifiable information (PII) from a suspicious source

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

S3 API calls from suspicious source address were detected by AWS GuardDuty service on the public S3 Bucket {AwsS3Bucket}. AWS GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity. The service detects one of the following types of S3 discovery findings (Discovery:S3/MaliciousIPCaller, Recon:EC2/PortProbeUnprotectedPort, Discovery:S3/MaliciousIPCaller.Custom, Discovery:S3/TorIPCaller) on a public S3 Bucket that Orca has identified with Potentially Personal Identifying Information.

AWS Guard Duty: S3 Bucket with API calls against a public S3 Bucket with sensitive personally identifiable information (PII) from a suspicious source

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS