Network misconfigurations

ELB missing outbound rules in their security groups

Platform(s)
Compliance Frameworks
  • CCM-CSA
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • Orca Best Practices
    • ,
  • UK Cyber Essentials

Description

An Elastic Load Balancer (ELB) has a security group with no outbound rules. A security group without any outbound rules rejects all outgoing traffic. This means that all outgoing traffic originating from your cloud assets (instances, containers, etc.) will be dropped when it reaches the ELB layer.
Need help?

Get a free Security Risk Assessment. Start today

Demo the Orca Platform

In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

Get a Demo