CYFIRMA - Attack Surface - Cloud Weakness Medium Rule

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Content Index

This rule detects cloud storage buckets (e.g., AWS S3) that are publicly accessible without authentication. Such misconfigurations can lead to data exfiltration, compliance violations, and reputational damage. The detection is based on Cyfirma's Attack Surface Intelligence.

Attribute Value
Type Analytic Rule
Solution Cyfirma Attack Surface
ID b8a3c5e2-04d5-4b61-9b62-b4f53a417f74
Severity Medium
Status Available
Kind Scheduled
Tactics InitialAccess, Collection, Discovery, Exfiltration
Techniques T1087, T1087.004
Required Connectors CyfirmaAttackSurfaceAlertsConnector
Source View on GitHub

Tables Used

This content item queries data from the following tables:

Table Transformations Ingestion API Lake-Only
CyfirmaASCloudWeaknessAlerts_CL ? ?

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Back to Analytic Rules · Back to Cyfirma Attack Surface