What do we detect?

Configurations

  • Misconfigurations – Configurations due to human error, e.g., you intended to set X but instead set Y.
  • Dangerous Defaults – Default configurations created by the Cloud Service
  • Risky and Weak Configurations - Configurations that do not follow best practices for an asset or entity that can be hardened (for example, using tls 1.1 instead of tls 1.3).
  • Unprotected Secrets – Any exposed secret such as an unencrypted password.

Identity

  • Risky Permissions – Any over-permissive permission which imposes risk
  • Shadow Admins – Detecting all users who were given admin permissions by mistake

Assets

  • Vulnerabilities – Scanning all EC2 hosts for CVEs
  • Neglected assets – Any asset which is not in use
  • Public Assets at Risk – Leveraging top 3rd party threat intelligence for scanning publicly exposed assets

Credentials Detection