Amazon Kinesis
š The lack of data-at-rest encryption in Amazon Kinesis exposes the data stream to potential unauthorized access and data breaches. Enforcing encryption is essential for securing data stored in Kinesis, ensuring its confidentiality and integrity.
- Section: Encryption
- Severity: High
- CWE: CWE-311 Missing Encryption of Sensitive Data
- Assurance Scope: PCI, NIST, HIPPA
- Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
- Rule Set: Threat Modeling - Cloud Configuration Check
š Not using KMS CMKs for data-at-rest encryption in Amazon Kinesis can lead to weaker data security controls. Utilizing KMS CMKs provides enhanced encryption management, ensuring robust protection for data stored within Kinesis streams.
- Section: Encryption
- Severity: High
- CWE: CWE-653 Insufficient Compartmentalization
- Assurance Scope: PCI, NIST, HIPPA
- Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
- Rule Set: Threat Modeling - Cloud Configuration Check
Updated about 1 year ago
Whatās Next