In todays market, over 76% of organizations plan to or have adopted cloud services. This includs cloud storage Amazon Web Services (AWS) which is the public cloud market leader with over 40% cloud market share. Its Simple Storage Service (Amazon S3) is one of its most popular services, used by nearly 195,000 unique domains. Among customers that are leveraging AWS technologies, Amazon S3 is probably one of the most popular services.
By default when you create an Amazon S3 bucket, the bucket is private and only accessible by users or credentials belonging to that user account . To control who has access to data stored within the S3 bucket, users can apply an Access Control List (ACL) to the entire bucket, or different ACLs to specific objects stored within the bucket or the bucket itself.
If the bucket has not been configured correctly or if there has been a misconfiguation such as if it is configured as a public bucket, an attacker and the public will be able to view and access the files in the bucket.Once the sensor is deployed in Amazon AWS, the sensor will go to work and will instantly start absorbing CloudTrail data and provide you complete discernability into AWS configuration issues and potential threats.
When it comes to S3, our solution contains out of the box dashboards where you can quickly assess:
- Identify which bucket/files are being accessed
- Identify who is accessing those files
- Help Identify compliance possible security issues