Data protection

CloudFront distributions don’t have encryption in transit

Platform(s)
Compliance Frameworks

Description

We have found that CloudFront Distribution {AwsCloudFront} ViewerProtocolPolicy is set to allow-all for: {AwsCloudFront.PublicCacheBehaviors}. Amazon CloudFront is a high-performance content delivery network (CDN) service that securely delivers data, videos, apps, and APIs to customers around the world with low latency and high transfer speeds. Amazon CloudFront distribution can be encrypted in transition. You can choose whether Amazon CloudFront distribution requires viewers to use HTTPS directly or whether it uses redirection.
Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.