Detection
What do we detect?
Configurations
- Misconfigurations – Configurations due to human error, e.g., you intended to set X but instead set Y.
- Dangerous Defaults – Default configurations created by the Cloud Service
- Risky and Weak Configurations – Configurations that do not follow best practices for an asset or entity that can be hardened (for example, using TLS 1.1 instead of TLS 1.3).
- Unprotected Secrets – Any exposed secret such as an unencrypted password.
Identity
- Risky Permissions – Any overly permissive permission that poses a risk
- Shadow Admins – Detecting all users who were given admin permissions by mistake
Assets
- Vulnerabilities – Scanning all EC2 hosts for CVEs
- Neglected assets – Any asset which is not in use
- Public Assets at Risk – Leveraging top third-party threat intelligence for scanning publicly exposed assets
Credentials Detection
Updated about 1 year ago