Data at risk

SageMaker notebook instance has direct internet access

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, Brazilian General Data Protection (LGPD), CCPA, CPRA, Data Security Posture Management (DSPM) Best Practices, GDPR, ISO 27701, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, NIST 800-171, NIST 800-53, Orca Best Practices, PDPA, UK Cyber Essentials

Description

AWS SageMaker is a service that enables to create, train, and deploy machine-learning models in the cloud. AWS SageMaker notebook instance provides a Jupyter notebook app through a fully managed machine learning AWS EC2 instance, and used to perform advanced data exploration. It was found that AWS SageMaker notebook instance has a direct internet access. This could result in unwanted access to your data, potentially increasing the attack vector for malicious behavior. Although the system prohibits unauthenticated access, using SageMaker direct access does not stand with security best practices
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo