This report holds the results of the Cloud Security Assessment performed on uknowva Cloud Infrastructure by the SecIQ security team. The details about each task and our findings have been consolidated for this Executive Summary and additional information is contained within the Detailed Vulnerability Information section of this report.
Executive Summary:
- uknowva Apps’ Cloud Infrastructure was identified to have some business risks, all of which have been mitigated by the uknowva team, and we have validated these fixes.
- To our knowledge, there are currently no business-critical issues.
Findings Summary:
| Sr no. | Vulnerability and Observation’s issue name | Status | Severity |
|---|---|---|---|
| 1 | RDS publicly accessible | Closed | High |
| 2 | RDS instances have backup disabled | Closed | High |
| 3 | RDS Auto Minor Version Upgrade is disabled | Closed | High |
| 4 | RDS Single AZ Instance | Closed | High |
| 5 | Unencrypted EBS Snapshots | Closed | High |
| 6 | EBS Volume Not Encrypted | Closed | High |
| 7 | EC2 Instances with Public IP | Closed | High |
| 8 | Security Group port has been opened to allow all traffic | Risk Accepted* Closed | High |
| 9 | Access Keys Are Not Rotated at Regular Intervals | Closed | High |
| 10 | Credentials Unused for 90 Days or Greater Are Not Disabled | Closed | High |
| 11 | Mitigating Privilege Escalation Risks in Exposed IAM Roles | Risk Accepted* Closed | High |
| 12 | IAM Policies Exposed the Risks of Privilege Escalation | Risk Accepted* Closed | High |
| 13 | IAM password policy Minimum Password Length Too Short | Closed | Medium |
| 14 | RDS Instance Storage Not Encrypted | Closed | Medium |
| 15 | S3 bucket MFA Delete is not enabled | Closed | Medium |
| 16 | S3 Bucket Access Logging Disabled | Closed | Medium |
| 17 | S3 Bucket without Versioning | Closed | Medium |
| 18 | S3 buckets do not have secure transport policy | Closed | Medium |
| 19 | S3 bucket object lock is not enabled | Closed | Medium |
| 20 | Unrestricted Network ACL Inbound Traffic | Closed | Medium |
| 21 | Unrestricted Network ACL Outbound Traffic | Closed | Medium |
| 22 | Subnet without a Flow Log | Closed | Medium |
| 23 | Modifying "Auto-Assign Public IP" Setting in VPC Subnet | Closed | Medium |
| 24 | AWS Backup not Configured | Closed | Medium |
In case you face any problems, please write to our awesome support team, who will surely help you!