The AWS Certificate Manager security scan on Vectrix detects a variety of SSL certificate issues in a connected AWS account that could be leaving you vulnerable or non-compliant. This includes unencrypted snapshots, disabled backups, and more.
Scan on-demand to detect active RDS security issues that you have.
Monitor continuously to get alerted about new RDS security issues in the future.
Don't know how Amazon RDS works? Read more below.
What this scan detects
Unencrypted RDS instances and snapshots
Having unencrypted RDS instances and snapshots can be problematic as data stored in the instance or snapshot are not encrypted, so in the case of unauthorized access, the data inside can be more easily leaked.
Disabled automated snapshot backups
Having automated RDS snapshot backups disabled could be problematic as in the event of a snapshot being deleted - whether intentionally or unintentionally - it can leave users without a way to restore the information stored in the RDS snapshot.
Disabled database deletion protection
RDS database deletion protection that is disabled can be problematic as it allows for the possibility of users (or bad actors) terminating RDS database instances without authorization or further oversight.
RDS instances with an unrestricted security group
RDS database instances with unrestricted security groups can be problematic as they do not properly restrict inbound and outbound traffic to the database, giving bad actors a potential attack vector into your account.