Amazon EFS
📘 The absence of encryption for Amazon EFS Volumes can lead to potential data breaches and unauthorized access. Encrypting data is a fundamental security measure for protecting sensitive information stored on these volumes.
- Section: Encryption
- Severity: High
- CWE: CWE-311 Missing Encryption of Sensitive Data
- Assurance Scope: PCI, NIST, HIPPA
- Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
- Rule Set: Threat Modeling - Cloud Configuration Check
📘 Failing to enforce data-at-rest encryption using KMS CMKs for Amazon EFS Volumes compromises the security and confidentiality of stored data. Utilizing KMS CMKs enhances data protection by providing robust encryption and key management capabilities.
- Section: Encryption
- Severity: High
- CWE: CWE-653 Insufficient Compartmentalization
- Assurance Scope: PCI, NIST, HIPPA
- Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
- Rule Set: Threat Modeling - Cloud Configuration Check
Updated 5 months ago
What’s Next