Anyone who has been following security trends in recent years cannot fail to have noticed the preponderance of data breaches which have stemmed from unsecured Amazon S3 buckets.
Many well-known organisations, including FedEx, Capital One bank, Verizon, and even US defense contractors, have left confidential and sensitive data publicly exposed by not having properly configured the security of their cloud-based storage servers.
In fact, the problem became so bad that some security researchers have even been known to leave "friendly warnings" on exposed servers when they came across them, advising their owners to review their settings.
In late 2017, Amazon Web Services (AWS) announced that it was introducing "bright orange pill" warnings onto server administrators' dashboards warning them if buckets had been configured to be publicly accessible.
That was a positive step, but the continuing revelations of privacy-busting data breaches from unsecured storage servers meant that more still needed to be done.
This week Amazon announced its newest feature - the AWS Identity & Access Management Access Analyzer - that, amongst other things, monitors S3 bucket access policies and provides alerts if you have a cloud-storage bucket that is configured to allow access to anyone on the internet or that is shared with other AWS accounts.
In short, ..
Support the originator by clicking the read the rest link below.
