Skip to main content

Top 5 AWS security misconfigurations and how to fix them

Meet the AWS cloud security villains

0 Min. Lesezeit

Adopting Amazon Web Services (AWS) — the dominant cloud service provider — can help organizations innovate faster and accelerate their digital transformation. But there are common security pitfalls when moving to AWS. Fortunately, there are steps your team can take to avoid them.

In this series, we'll explore these five risks — as personified by supervillains — and look at some ways to keep them at bay.

wordpress-sync/feature-series-aws-security-poster

Download the Cloud Security Advocates Unite PDF


Meet the villains on YouTube


Insecure resource misconfigurations

wordpress-sync/series-aws-security-abra-confdabra-small

Abra Confdabra

With the migration of applications and storage to the cloud for cost savings, as well as digital transformation for enterprises across the globe, resources that were behind the closed doors of a hardware firewall are now at the mercy of cloud infrastructure misconfigurations. An AWS S3 bucket that's left open to the internet is one of the most common examples of cloud resource misconfigurations — and a common reason for a lot of publicity around data breaches.

Don't leave your data exposed to the Magician, as they use sleight of hand to steal sensitive data out from right under your nose...

Learn to secure your resource configurations

Dangling DNS

wordpress-sync/series-aws-security-sub-domine-small

Sub doMine

Public websites that are managed and hosted on a  public cloud provider (like AWS) can be prone to dangling DNS if the files and servers hosting the website can be replaced by an attacker’s server — resulting in a subdomain takeover. And unless an organization is keeping a close eye on each of its DNS entries, risks can exist in environments for a long time before they get discovered — with the potential for long-term impact.

Learn to keep your DNS from dangling

Leaked credentials

wordpress-sync/series-aws-security-miscred-small

MisCred

Identity is the new perimeter in the public cloud — and exposed or compromised credentials linked to these identities have been found to be the most common reason for most data breaches. Outside of data breaches, ransomware is the next biggest impact of leaked credentials. Fortunately, there are simple steps that teams can take to make sure credentials stay safe and secret.

Learn to prevent credential leaks

Identification and authentication failure

wordpress-sync/series-aws-security-con-identity-small

Con-Identity

Identification and authentication failures occur when a user’s identity, authentication, or session management is not implemented appropriately, leaving the cloud-hosted application unprotected against this attack. Attackers can exploit these unprotected cloud-hosted applications to get access to usernames, passwords, and session tokens and assume identities temporarily or permanently. Don't be fooled by Con-Identity and other con artists that try to sneak past security.

Learn to prevent identity and auth failures

Lack of IAM controls

wordpress-sync/series-aws-security-whoiam-small

whoIAM

If any of the identities that can authenticate to AWS lose their credentials due to a public data breach or by being accidentally shared with an attacker, this can be quite bad for the organization. This gets worse when the compromised identity has permissions that allow them to do a lot more than what their current role in the organization should allow. Luckily, there are simple steps that teams can take to keep this villain at bay.

Learn to control your IAM

Nächster Artikel dieser Serie

Abra Confdabra: Insecure resource misconfigurations

When insecure resource configurations or vulnerable cloud workload resources are left accessible over the internet, attackers can compromise and exploit them for malicious activity.

Weiterlesen