Data at risk

S3 Bucket is Accessible to Unmonitored Accounts

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

{AwsS3Bucket} has a policy that allows external AWS accounts to access it. This means that a malicious actor can also connect to the bucket and gain access to its contents.

  • Recommended Mitigation

    Rewrite S3 bucket policies to only allow access to the accounts/applications/services that really need it.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.