Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query detects AWS accounts where public sharing is enabled, using AWS Security Hub control SSM.7 findings. Allowing public sharing of SSM documents can expose automation content and enable unauthorized execution or tampering.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | AWS Security Hub |
| ID | 0aa20f8c-b8e4-4a34-a5b8-8b2d9dd7d1c2 |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | Execution |
| Techniques | T1059 |
| Required Connectors | AWSSecurityHub |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
AWSSecurityHubFindings |
✓ | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊