Amazon AMI

πŸ“˜ Not publicly sharing AWS AMIs with other AWS accounts is a critical practice for data security. This precaution helps to prevent the exposure of sensitive data contained in AMIs, safeguarding against unauthorized access and potential data breaches.

  • Section: Storage
  • Severity: Critical
  • CWE: CWE-668 Exposure of Resource to the Wrong Sphere
  • Assurance Scope: PCI, NIST
  • Threat Modeling Principal: Information Disclosure, Tampering
  • Rule Set: Rapticore Benchmark

What’s Next