ImmuniWeb has introduced a free cloud security test which it says allows cyber security and IT professionals to pinpoint their organisations’ unprotected cloud storage, to prevent data leaks and security incidents.
The online tool detects unprotected cloud storage in AWS, Microsoft Azure, Google Cloud Platform and other public cloud service providers.
The test is part of the company’s Community Edition – a set of free online tools companies can use to verify application security, privacy and compliance, detect phishing, domain squatting and dark Web exposure.
Under a specific set of circumstances, cloud storage such as AWS S3 buckets, may require public access to provide external users with public data like images or videos. In reality, misconfigured and unprotected cloud storage is one of the most common causes of data leaks and breaches in cloud environments, the company explains.
The swift proliferation of small cloud providers that offer their own cloud storage services that have insecure settings by default, exacerbates the situation.
“Given that countless organisations are migrating into a cloud without investing in adequate security training of their technical teams, they are sitting on a powder keg ready to explode,” says ImmuniWeb.
Modern cloud storage services share similar weaknesses arising from incorrect usage of access policies, excessive identity access management (IAM) permissions or even absent authorisation mechanisms. Shadow cloud accounts or unknown cloud assets add complexity to the situation, particularly in multi-cloud environments.
Petabytes of private data are continually found by security researchers and Black Hats in the wild, which is a major concern for security professionals, the company adds.
ImmuniWeb’s online test aims to solve these challenges by arming cyber security and DevOps teams with a simple way to detect unprotected cloud storage, detect IAM misconfigurations, discover shadow cloud accounts and prevent cloud-related data leaks and breaches.
The technology behind the test leverages open-source intelligence (OSINT), big data and smart prediction technology based on machine learning to discover unprotected cloud buckets belonging to a particular company. To prevent using its new tool for potentially malicious purposes, free registration and account validation are required to gather the URLs of exposed cloud buckets. The tool is also equipped with a free API available after registration for DevOps and cyber security teams.
Ilia Kolochenko, chief architect and CEO at ImmuniWeb says: “Leading cloud providers, such as AWS, have a full spectrum of powerful tools and services that can instantly detect and automatically remediate misconfigurations in their cloud environments. Unfortunately, many organisations of all sizes struggle to properly implement cloud security posture management due to complexity or lack of technical skills.”
He says many existing commercial solutions and open-source tools also require a cloud IAM account to unpack and then assess the security of a company’s cloud assets. ImmuniWeb’s tool does not require cloud credentials and leverages its proprietary discovery techniques to do this.
“We will soon implement such features as free continuous monitoring and API to further simplify its usage and integration into existing CSPM and incident response processes. More exciting announcements are coming soon,” he ends.
Share