CloudKnox Integrates with AWS to Address Human Error Risks
AWS IAM Access Analyser is a new function that analyses resource policies to help administrators and security teams protect their resources from unintended access.
It comes from an integration with CloudKnox, which continuously detects and mitigates the risk of over-privileged machine and human identities.
The tool alerts customers when a bucket is configured to allow public access or access to other AWS accounts. There is also a single-click option that will block public access.
In July, more than 17,000 domains were said to have been compromised in an attack launched by the prolific hacking group Magecart that preyed on leaky S3 buckets.
According to Balaji Parimi, CEO of CloudKnox:
“It’s a strategic integration designed to protect organisations against unintended access to critical resources and mitigate the risks they face, such as over-privileged identities”
“Exposed or misconfigured infrastructure resources can lead to a breach or a data leak,” he said. “Combining AWS IAM Access Analyser’s automated policy monitoring and analysis with CloudKnox’s identity privilege management capabilities will make it easier for CloudKnox customers to gain visibility into and control over the proliferation of resources across AWS environments.”
CloudKnox, UK Managing Director, Alistair Mutch comments:
“The dynamic nature of the Cloud footprint means that a routine security audit leaves real time gaps in security that can be easily exploited. The real time capability of CloudKnox resolves this gap for customers looking to benefit from the agility Cloud platforms bring.”
At AVR we are proud to hold CloudKnox as one of our 6 Gold Partners.
Click below to read more on how CloudKnox can help protect your cloud infrastructure with a 15 day FREE risk assessment.
Original Source: Cloudpro.co.uk
The Threat Hunting Workshop: An educational workshop explaining the tools, techniques and procedures used by adversaries and how to detect and contain these types of attacks
The Threat Hunting Webinar: An educational webinar explaining the tools, techniques and procedures used by adversaries and how to detect and contain these types of attacks