Top 10 AWS Security Misconfiguration

Swift cloud adoptions spurred on by the global pandemic has led to oversights, errors, or ill-informed cloud service configuration choices (commonly referred to misconfigurations). You may have heard that securing the cloud can be complex, but something as “simple” to stop as a misconfiguration can ultimately lead to the unintended exposure of mission-critical information and assets.

Major cosmetic retailer, Estee Lauder, experienced a major breach due to a misconfiguration, resulting in more than 440 million records being exposed. And they weren’t the only company to face the music. In fact, misconfigurations are most significant risks to cloud environments, causing 65 to 70% of all security challenges in the cloud.

If misconfigurations are relatively straightforward to stop, then why are they so common? The cloud is comprised of a multitude of settings, policies, assets, and interconnected services and resources, making it a sophisticated environment to fully understand and properly set up.

This is especially true for organizations that have been pushed to migrate quickly to the cloud since remote work became the new norm. Unfortunately, when organizations start using any new technology too quickly without fully understanding its many intricacies, misconfigurations can occur. 

The responsibility isn’t on your cloud service provider (CSP) either—CSPs do their part in the shared responsibility model by designing, implementing, and constantly reviewing their infrastructure. However, misconfigurations can still occur when cloud assets and services are set up incorrectly on the user side, leaving an impact on the quality of cloud applications. 

Clearly, cloud adopters need to know the commonly occurring misconfigurations to mitigate them before malicious actors get wind of them and cause more significant harm. That’s why we analyzed data gathered through Trend Micro Cloud One™ – Conformity within a one-year period (June 30, 2020 to June 29, 2021) to determine the top 10 AWS services with the highest misconfiguration rates regarding the implementation of Conformity rules.

Top 10 AWS services with the highest misconfiguration rates  

To determine the top 10 misconfigurations, we looked at the AWS services with the greatest number of Conformity checks. These checks are the result of the Conformity rules scanned or run against our Conformity customers’ configuration of infrastructures or resources. A single cloud service can have numerous Conformity rules regularly scanning it to check for vulnerabilities and risks. These scans will subsequently result in checks. Each Conformity rule comes with a corresponding implementation, and the checks that run against the rules determine the success or failure of these implementations.

It should be noted that the number of checks does not represent the level of misconfiguration or the risk level of a particular service. Conformity users can choose to run a few or numerous checks simultaneously against their infrastructures and resources.  We then highlighted their respective misconfiguration rates, which are the percentage of rules found to be unsuccessfully implemented after a scan.

Next, we highlighted their respective misconfiguration rates, as shown in Figure 1. This is the percentage of rules found to be unsuccessfully implemented after a scan. 

Read More HERE