The Amazon S3 security scan on Vectrix detects a variety of S3 security risks in a connected AWS account that could be leaving you or your customers' data vulnerable. This includes bucket misconfigurations, SOC 2 and/or ISO 27001 compliance violations, and other issues.
Scan on-demand to detect active S3 security issues that you have.
Monitor continuously to get alerted about new S3 security issues in the future.
Don't know how Amazon S3 works? Read more below.
What this scan detects
A publicly-accessible S3 Bucket could be problematic as objects (files) stored in the bucket are now potentially accessible by anyone on the internet.
An unencrypted S3 Bucket could be problematic as objects (files) stored in the bucket are not encrypted, and should the objects be exposed or leaked, they can be accessed without any further protections.
Buckets with access logging disabled
An S3 Bucket with server access logging disabled could be problematic as bucket access logs are not collected, meaning that any modifications or improper access would not be recorded for later review.
Buckets with versioning disabled
An S3 Bucket with versioning disabled could be problematic as bucket objects (files) of different versions aren't preserved, meaning any modified S3 objects will overwrite their previous version.