Elastic Load Balancer (ELBV2) with public access

Network misconfigurations

Elastic Load Balancer (ELBV2) with public access

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO 27701
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Elastic Load Balancer (ELB) supports multiple load balancers types, each provide different feature in multiple network layers (application, network, transport). The elastic load balancer {AwsEc2Elbv2} was discovered to be associated with a security group {AwsEc2Elbv2.SecurityGroups} that allows public ingress access without IP filtering (0.0.0.0/0). Load balancer configured with public access opens the application hosted behind the load balancer to attacks from malicious entities on the Internet.

Elastic Load Balancer (ELBV2) with public access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS