Network misconfigurations

Ensure Instance IP assignment is set to private

Platform(s)
Compliance Frameworks

Description

Database Server should accept connections only from trusted Network(s)/IP(s) and restrict access from public IP addresses. To minimize attack surface on a Database server instance, only trusted/known and required IP(s) should be white-listed to connect to it. An authorized network should not have IPs/networks configured to 0.0.0.0/0 which will allow access to the instance from anywhere in the world. Note that authorized networks apply only to instances with public IPs.

  • Recommended Mitigation

    It is recommended to set databases access only to trusted/known and required IP(s).

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.