Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Detects S3 object ACL changes that expose objects to public or broadly authenticated users. This can result in unintended data disclosure from object-level permissions.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Amazon Web Services |
| ID | 09f2a28b-3286-4268-9e2f-33805f104e5d |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | Exfiltration |
| Techniques | T1537 |
| Required Connectors | AWS |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AWSCloudTrail |
EventName == "PutObjectAcl" |
✓ | ✓ | ✓ |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊