Security Recommendations
Users who have been inactive for more than 90 days are considered obsolete and subject to deletion. This is due to the security risks they produce for the organization as they can be compromised and become access points for malicious users.
The number of days is a custom parameter. Use to change it. You can also download a list of inactive users as JSON or XLSX by selecting the download icon.
This security check scans your resources for network vulnerabilities and lists the instances liable to RDP/SSH hacking. The following ports and permissions are considered insecure:
port tcp/22
port tcp/3389
all inbound traffic
with one of:
CidrIp: 0.0.0.0/0
CidrIpv6: ::/0
AWS
Describe regions: ec2.describe_regions()
Describe instances: ec2.describe_instances()
Describe security groups: ec2.describe_security_groups()
Azure
Describe instances: compute.virtual_machines.list_all()
Describe security groups: network.network_security_groups.list_all()
You can download the list of insecure Security Groups as JSON for subsequent automated processing.
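The rule set above can be applied to a response in the shape returned by ec2.describe_security_groups(). The following is an added example, not the product's own code; the function names and the sample data are constructed for illustration, and it assumes that a port range containing 22 or 3389 counts as exposing that port.

```python
import json

# Rules from the page: tcp/22, tcp/3389 or all inbound traffic,
# reachable from 0.0.0.0/0 or ::/0.
RISKY_PORTS = {22: "SSH", 3389: "RDP"}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def open_sources(perm):
    """Return the world-open CIDRs attached to one IpPermissions entry."""
    cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
    cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
    return sorted(c for c in cidrs if c in OPEN_CIDRS)

def exposed_services(perm):
    """Return what one inbound rule exposes: 'ALL', 'SSH' and/or 'RDP'."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means every protocol and port
        return ["ALL"]
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    if proto != "tcp" or lo is None or hi is None:
        return []
    # Assumption: a range that contains the port exposes it.
    return [name for port, name in RISKY_PORTS.items() if lo <= port <= hi]

def find_insecure_groups(response):
    """Scan a describe_security_groups()-shaped dict for insecure inbound rules."""
    findings = []
    for sg in response.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            sources, services = open_sources(perm), exposed_services(perm)
            if sources and services:
                findings.append({"GroupId": sg["GroupId"], "Services": services, "Sources": sources})
    return findings

# Constructed sample data (hypothetical group IDs, not real output).
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0001", "IpPermissions": [  # SSH open to any IPv4 address
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0002", "IpPermissions": [  # RDP limited to a private range
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-0003", "IpPermissions": [  # all inbound traffic from any IPv6 address
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0004", "IpPermissions": [  # wide range that includes port 22
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0005", "IpPermissions": [  # public HTTPS only
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}

if __name__ == "__main__":
    print(json.dumps(find_insecure_groups(SAMPLE), indent=2))
```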
The list contains the active IAM users that have console access turned on but have not used it for more than 90 days. Consider revoking console access to increase security.
The S3 buckets in the list are public. Ensure that the buckets use the correct policies and are not publicly accessible unless explicitly required.
Note that the number of days is a custom parameter. Use to change it.