Amazon Simple Storage Service (S3) has quickly become one of the world’s most popular object storage platforms. However, user error with regards to complex and confusing access management controls and other factors have left large amounts of sensitive information within S3 buckets exposed, in some cases openly accessible to anyone with an internet connection, leading to data breach and concerns regarding the ability to secure data properly within the S3 ecosystem.
StealthAUDIT for AWS allows organizations to secure their data residing in S3, reducing their risk exposure through proactive, automated auditing and reporting of S3 permissions, file activity, and sensitive data, and ultimately a consolidated view of user access rights across dozens of structured and unstructured data resources both on-premises and in the cloud.
S3 Permissions Auditing
Obtain detailed information and views on permissions assigned to AWS S3 Buckets, highlighting specific threats like “Open” Buckets and Broken Inheritance.
S3 Sensitive Data Discovery
Audit and analyze S3 Bucket content and object details, including the identification of sensitive information, ePHI, PII, and custom criteria like Employee IDs and trade secrets.
Root Account Security
Audit and analyze AWS root accounts for important security settings, including access keys and MFA configuration.
IAM User Security
Audit and analyze AWS IAM user accounts which have not rotated their access keys or have never used it, as well as the MFA status of each AWS user.
Identify user accounts which no have not logged into AWS for an extended amount of time or have never logged in.
Group Membership Analysis
Understand group memberships and obtain summarized views on the policies assigned to each group.
Stale Group Analysis
Identify group conditions that could indicate staleness such as Orphaned Groups and Empty Sensitive Security Groups, as well as Groups with Stale Membership.
Sensitive Security Groups
Track the membership of groups that have sensitive or higher-level security policies assigned to them for security and compliance.
Inventory IAM roles, along with associated details and configurations.
IAM Policy Analysis
Inventory and analyze all AWS policies (AWS and Custom Managed, and Inline), as well as Duplicate and Unused policies that can be consolidated or removed.
Want to know where your sensitive data is and who is accessing it? How about which of your S3 buckets are openly accessible to anyone with an internet connection? StealthAUDIT for AWS is designed to answer these questions and many more. StealthAUDIT’s scalability, accuracy, flexibility, and interoperability make it the preferred choice for organizations serious about data security.
See the market’s most comprehensive Exchange auditing, reporting, and governance platform in action.
It only takes 30 minutes!