Amazon EBS
📘 Encrypting AWS EBS volume snapshots containing sensitive and critical data is crucial for protecting against unauthorized access and data breaches. This encryption safeguards the integrity and confidentiality of data stored in these snapshots.
- Section: Storage
- Severity: High
- CWE: CWE-311 Missing Encryption of Sensitive Data
- Assurance Scope: PCI, NIST, GDPR, HIPPA
- Threat Modeling Principal: Tampering, Information Disclosure
- Rule Set: Rapticore Benchmark
📘 Keeping AWS Elastic Block Store (EBS) volume snapshots private is essential to prevent unauthorized access and exposure of sensitive data. Ensuring snapshots are not public is a critical measure for data security and privacy.
- Section: Storage
- Severity: Critical
- CWE: CWE-668 Exposure of Resource to the Wrong Sphere
- Assurance Scope: PCI, NIST
- Threat Modeling Principal: Information Disclosure
- Rule Set: Rapticore Benchmark
📘 Non-public AWS RDS snapshots are vital for maintaining the security of database contents. Public exposure of these snapshots can lead to critical data breaches and unauthorized access, emphasizing the need for stringent access controls.
- Section: Storage
- Severity: Critical
- CWE: CWE-668 Exposure of Resource to the Wrong Sphere
- Assurance Scope: PCI, NIST, GDPR, HIPPA
- Threat Modeling Principal: Tampering, Information Disclosure
- Rule Set: Rapticore Benchmark
Updated 5 months ago
What’s Next