Data at risk

MemoryStore Redis instance AUTH is disabled

Platform(s)
Compliance Frameworks

Brazilian General Data Protection (LGPD), CCPA, CPRA, Data Security Posture Management (DSPM) Best Practices, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, NIST 800-171, PDPA, UK Cyber Essentials

Description

GCP MemoryStore is a service that allows you to construct your apps by using open source caching engines: Memcached or Redis. Memorystore is protocol compliant and supports both caching engines. It was detected that GCP Redis instance {GcpRedisInstance} AUTH is disabled. AUTH ensures that known entities inside an organization do not mistakenly access and modify Redis instances.