Amazon KMS

πŸ“˜ Public exposure of AWS Key Management Service (KMS) master keys poses a critical security risk, potentially leading to unauthorized access and data breaches. It is essential to ensure these keys are kept confidential and protected from public exposure to safeguard sensitive data and maintain robust security.

  • Section: Secret Management
  • Severity: Critical
  • CWE: CWE-668 Exposure of Resource to the Wrong Sphere
  • Assurance Scope: PCI, NIST
  • Threat Modeling Principal: Information Disclosure, Tampering
  • Rule Set: Rapticore Benchmark

What’s Next