Data at risk

RDS database snapshot is shared with AWS accounts

Platform(s)
Compliance Frameworks
  • Brazilian General Data Protection (LGPD)
    • ,
  • CCM-CSA
    • ,
  • CCPA
    • ,
  • cis_8
    • ,
  • coppa
    • ,
  • CPRA
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • essential_8_au
    • ,
  • essential_8_au_level_1
    • ,
  • essential_8_au_level_2
    • ,
  • GDPR
    • ,
  • hdh
    • ,
  • HITRUST
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-53
    • ,
  • PDPA
    • ,
  • pipeda

Description

Amazon Relational Database Service (RDS) allows setting up a relational database instance in the cloud. RDS snapshot is a point-in-time copy of the data stored in a RDS instance. It was detected that the RDS snapshot is shared with AWS accounts. These accounts have the ability to copy and restore the RDS snapshot and thus access its data.
Need help?

Get a free Security Risk Assessment. Start today

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo