Network misconfigurations

Ensure that Cloud SQL Database instances do not implicitly whitelist all public IP addresses

Platform(s)
Compliance Frameworks

Description

Instance addresses can be public IP or private IP. Public IP means that the instance is accessible through the public internet. In contrast, instances using only private IP are not accessible through the public internet, but are accessible through a Virtual Private Cloud (VPC).

  • Recommended Mitigation

    It is recommended to set databases access only to private will reduce attack surface.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.