Storage bucket without uniform bucket-level access

Data protection

Storage bucket without uniform bucket-level access

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
GCP CIS
GDPR
HITRUST
ISO 27701
ISO/IEC 27001
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

We have found a bucket ({GcpStorageBucket}) without uniform bucket-level access enabled. Enabling uniform bucket-level access guarantees that if a Storage bucket is not publicly accessible, no object in the bucket is publicly accessible either.

Recommended Mitigation

Enable uniform bucket-level access for all buckets.

Storage bucket without uniform bucket-level access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS