Suspicious activity

AWS GuardDuty detects API calls against public S3 Bucket with PII from suspicious source

Risk Level

Imminent Compromised (2)

Platform(s)
Compliance Frameworks

Description

S3 API calls from suspicious source address were detected by AWS GuardDuty service on the public S3 Bucket {AwsS3Bucket}. AWS GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity. The service detects one of the following types of S3 discovery findings (Discovery:S3/MaliciousIPCaller, Recon:EC2/PortProbeUnprotectedPort, Discovery:S3/MaliciousIPCaller.Custom, Discovery:S3/TorIPCaller) on a public S3 Bucket that Orca has identified with Potentially Personal Identifying Information.
Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.