Amazon Neptune

1.1: Database Storage is not encrypted

📘 Unencrypted database poses a threat to data confidentiality and integrity, making encryption imperative to maintain a secure database environment.

  • Section: Encryption
  • Severity: High
  • CWE: CWE-311 Missing Encryption of Sensitive Data
  • Assurance Scope: PCI, NIST, GDPR, HIPPA
  • Threat Modeling Principal: Tampering, Information Disclosure
  • Rule Set: Threat Modeling - Cloud Configuration Check

1.2: Database is not encrypted with the Customer Master Key (CMK)

📘 Encryption using the Customer Master Key (CMK) provides a tailored and robust layer of security and is required for some high security environments.

  • Section: Encryption
  • Severity: High
  • CWE: CWE-653 Insufficient Compartmentalization
  • Assurance Scope: PCI, NIST, GDPR, HIPPA
  • Threat Modeling Principal: Tampering, Information Disclosure
  • Rule Set: Threat Modeling - Cloud Configuration Check

Updated 5 months ago

What’s Next