Network misconfigurations

ELB missing outbound rules in their security groups

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

An Elastic Load Balancer (ELB) has a security group with no outbound rules. A security group without any outbound rules rejects all outgoing traffic. This means that all outgoing traffic originating from your cloud assets (instances, containers, etc.) will be dropped when it reaches the ELB layer.

  • Recommended Mitigation

    Ensure that all security groups attached to load balancers have at least one outbound rule.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.