Default security group allows inbound unrestricted traffic

Network misconfigurations

Default security group allows inbound unrestricted traffic

Platform(s)

Compliance Frameworks

CCM-CSA
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
HITRUST
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. We identified the default security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound access from any IP address (0.0.0.0/0 or ::/0) for {SgIpPermissions.PortRange}

Default security group allows inbound unrestricted traffic

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS