Suspicious activity

S3 Bucket with Policy:S3/BucketBlockPublicAccessDisabled GuardDuty Alert Found

Risk Level

Informational (4)

Platform(s)
  • Non-platform specific

Compliance Frameworks
  • Brazilian General Data Protection (LGPD)
  • CCM-CSA
  • CCPA
  • cis_8
  • CPRA
  • GDPR
  • HITRUST
  • ISO 27701
  • ISO/IEC 27001
  • MITRE ATT&CK
  • New Zealand Information Security Manual
  • NIST 800-171
  • NIST 800-53
  • PDPA
  • UK Cyber Essentials

Description

A GuardDuty finding was triggered for an S3 bucket: S3 Block Public Access was disabled for the {AwsS3Bucket} bucket (finding type 'BucketBlockPublicAccessDisabled'). This feature prevents the bucket from being publicly accessible. With it disabled, one layer of protection is removed and access is limited only by the access controls and policies applied to the bucket.

Recommended Mitigation

It is recommended to restrict access to the bucket by blocking public access, and to review additional alerts on the asset.
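A triage sketch for the situation described above, added here as an example and not part of the original alert content: given a bucket's Block Public Access flags, its policy and its ACL grants, it lists what still exposes the bucket once that layer is off. The function names and sample data are hypothetical, the input shapes are assumed to match the S3 GetPublicAccessBlock, GetBucketPolicy and GetBucketAcl responses, and the wildcard-principal test is a simplification of how AWS decides a policy is public.

```python
import json

# S3 predefined groups that make an ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
BPA_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def public_statements(policy_json):
    """Return Allow statements with a wildcard principal and no Condition.
    Simplification (assumption): any Condition is treated as restricting access."""
    doc = json.loads(policy_json) if policy_json else {}
    stmts = doc.get("Statement", [])
    if isinstance(stmts, dict):  # a single statement may be a bare object
        stmts = [stmts]
    hits = []
    for s in stmts:
        p = s.get("Principal")
        aws = p.get("AWS") if isinstance(p, dict) else p
        wildcard = aws == "*" or (isinstance(aws, list) and "*" in aws)
        if s.get("Effect") == "Allow" and wildcard and not s.get("Condition"):
            hits.append(s)
    return hits

def triage(bpa, policy_json, grants):
    """List what still exposes the bucket given its Block Public Access flags."""
    findings = [f"{f} is disabled" for f in BPA_FLAGS if not bpa.get(f, False)]
    # Existing public ACL grants only take effect while IgnorePublicAcls is off.
    if not bpa.get("IgnorePublicAcls", False):
        findings += [f"public ACL grant: {g['Permission']}" for g in grants
                     if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS]
    # An existing public policy only takes effect while RestrictPublicBuckets is off.
    if not bpa.get("RestrictPublicBuckets", False):
        findings += [f"public policy statement: {s.get('Sid', '<no Sid>')}"
                     for s in public_statements(policy_json)]
    return findings

# Constructed sample data (not from a real account).
BPA_OFF = dict.fromkeys(BPA_FLAGS, False)
POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]})
GRANTS = [{"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
           "Permission": "READ"}]

if __name__ == "__main__":
    print("\n".join(triage(BPA_OFF, POLICY, GRANTS)))
```

An empty result means the sampled policy and ACL contain nothing this simplified check treats as public and all four flags are enabled; any other result is the list to review alongside re-enabling Block Public Access.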