Amazon Firehose
📘 Not enforcing data-at-rest encryption in Amazon Firehose can expose sensitive data to unauthorized access and potential breaches. Implementing encryption is crucial for securing data stored in Firehose streams, ensuring confidentiality and integrity.
- Section: Encryption
- Severity: High
- CWE: CWE-311 Missing Encryption of Sensitive Data
- Assurance Scope: PCI, NIST, HIPPA
- Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
- Rule Set: Threat Modeling - Cloud Configuration Check
Updated 5 months ago