The Amazon EC2 security scan on Vectrix detects a variety of EC2 security issues in a connected AWS account that could be leaving you vulnerable or non-compliant. This includes security groups with insecure port settings, various SOC 2 compliance violations, and other issues.
Scan on demand to detect the EC2 security issues that are currently active in your account.
Monitor continuously to get alerted about new EC2 security issues in the future.
Don't know how Amazon EC2 works? Read more below.
What this scan detects
Security groups with open ports
Security groups (AWS' virtual firewalls) with open ports, like SSH, FTP, and MySQL, or open port ranges, could be problematic, as unintentionally exposed ports give bad actors a potential attack vector into your account.
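The following added example (not Vectrix's implementation) shows one way to run this kind of check over security group data in the shape returned by `aws ec2 describe-security-groups`. The port numbers, the `MAX_RANGE` threshold, the function names and the sample groups are assumptions made for illustration.

```python
import ipaddress

# Ports named on the page (SSH, FTP, MySQL); the numbers are the standard defaults.
SENSITIVE_PORTS = {22: "SSH", 21: "FTP", 3306: "MySQL"}
MAX_RANGE = 100  # assumption: wider world-open ranges are reported as a port range

def _world_open(perm):
    """Return the any-address CIDRs (IPv4 or IPv6) that this rule allows."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def open_port_findings(groups):
    """Return (group_id, cidr, reason) for each world-open ingress rule of concern."""
    findings = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):
            for cidr in _world_open(perm):
                proto = perm.get("IpProtocol")
                if proto == "-1":  # all protocols and ports; FromPort/ToPort may be absent
                    findings.append((sg["GroupId"], cidr, "all traffic"))
                    continue
                if proto not in ("tcp", "udp"):
                    continue  # for ICMP, FromPort/ToPort hold type/code, not ports
                lo, hi = perm["FromPort"], perm["ToPort"]
                findings += [(sg["GroupId"], cidr, name)
                             for port, name in sorted(SENSITIVE_PORTS.items())
                             if proto == "tcp" and lo <= port <= hi]
                if hi - lo + 1 > MAX_RANGE:
                    findings.append((sg["GroupId"], cidr, f"port range {lo}-{hi}"))
    return findings

# Constructed sample data; group IDs and rules are made up for this example.
SAMPLE = [
    {"GroupId": "sg-0example1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0example2", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]

if __name__ == "__main__":
    for finding in open_port_findings(SAMPLE):
        print(*finding)
```

The MySQL rule limited to `10.0.0.0/8` is not reported, while the IPv6 `::/0` rule and the all-protocols (`-1`) rule are, two cases that a check matching only `0.0.0.0/0` on a single port would miss.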
Creation and deletion of SSH key pairs
The creation and deletion of EC2 SSH key pairs can be problematic as it is a potential warning sign of unauthorized activity in your AWS account, often with elevated permissions. Use Monitoring to receive this finding.
Deletion of EC2 instances
Deletion of EC2 instances could be problematic as it is a potential warning sign of unauthorized access and activity in your AWS account. Use Monitoring to receive this finding.
Unencrypted EBS volumes
Unencrypted EBS volumes could be problematic as they not only present the risk of compliance violations, but also leave data stored on the EBS volume at greater risk of leakage in the case of a security incident, like a data breach.