Privileged Group - Policy Version - Complete Cloud Security in Minutes

Lateral movement

Privileged Group – Policy Version

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
GDPR
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
pipeda
UK Cyber Essentials

Description

An IAM Group is a collection of IAM Users. You can use groups to specify permissions for a collection of users. The group {AwsIamGroup} was found with permissive permissions that allow for the ability to create or change a managed policy's version. Managed policies often hold a list of previous versions of the permissions they grant. By creating a new versions with additional permissions, or reverting to an old more permissive version, an attacker may be able to escalate their privileges and achieve account takeover.

Privileged Group – Policy Version

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS