Database Security Groups Exposing Public Access

This bot identifies databases whose security groups leave the database port open to the world, i.e., 0.0.0.0/0. Because a database can belong to multiple security groups, the bot examines every attached security group and flags public access granted by any one of them. This bot works with Amazon Web Services (AWS) only.
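The check described above can be sketched as follows. This is an added example, not the bot's own code: the function names, group IDs and database names are constructed, and the input dicts are assumed to have the shape of boto3's `describe_db_instances` and `describe_security_groups` responses. It also assumes that port ranges covering the database port and all-protocol (`-1`) rules count as exposure.

```python
# Added example; all data below is constructed, shaped like boto3's
# rds.describe_db_instances() / ec2.describe_security_groups() output.
WORLD = "0.0.0.0/0"

def rule_exposes_port(rule, port):
    """True if one ingress rule opens TCP `port` to 0.0.0.0/0."""
    if not any(r.get("CidrIp") == WORLD for r in rule.get("IpRanges", [])):
        return False
    if rule.get("IpProtocol") == "-1":  # all protocols and ports, no port fields
        return True
    if rule.get("IpProtocol") != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def publicly_exposed_databases(db_instances, security_groups):
    """Return (db id, port, offending group ids) for each exposed database."""
    groups = {g["GroupId"]: g for g in security_groups}
    findings = []
    for db in db_instances:
        port = db.get("Endpoint", {}).get("Port")
        if port is None:  # instance still being created: no endpoint yet
            continue
        offending = []
        for ref in db.get("VpcSecurityGroups", []):
            rules = groups.get(ref["VpcSecurityGroupId"], {}).get("IpPermissions", [])
            if any(rule_exposes_port(rule, port) for rule in rules):
                offending.append(ref["VpcSecurityGroupId"])
        if offending:
            findings.append((db["DBInstanceIdentifier"], port, offending))
    return findings

def _sg(group_id, proto, lo, hi, cidr):  # helper building a constructed group
    rule = {"IpProtocol": proto, "IpRanges": [{"CidrIp": cidr}]}
    if proto != "-1":
        rule.update(FromPort=lo, ToPort=hi)
    return {"GroupId": group_id, "IpPermissions": [rule]}

def _db(name, port, *group_ids):  # helper building a constructed DB instance
    return {"DBInstanceIdentifier": name, "Endpoint": {"Port": port},
            "VpcSecurityGroups": [{"VpcSecurityGroupId": g} for g in group_ids]}

SAMPLE_GROUPS = [_sg("sg-app", "tcp", 5432, 5432, "10.0.0.0/16"),
                 _sg("sg-legacy", "tcp", 3000, 6000, WORLD),
                 _sg("sg-web", "tcp", 443, 443, WORLD),
                 _sg("sg-any", "-1", None, None, WORLD)]
SAMPLE_DBS = [_db("orders-db", 5432, "sg-app", "sg-legacy"),
              _db("reports-db", 3306, "sg-app", "sg-web"),
              _db("audit-db", 1433, "sg-any")]

if __name__ == "__main__":
    for finding in publicly_exposed_databases(SAMPLE_DBS, SAMPLE_GROUPS):
        print(finding)
```

Here `orders-db` is flagged because only one of its two groups is open, and `reports-db` is not flagged even though one of its groups allows 443 from anywhere, since that rule does not cover the database port.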

Severity

High

Resource Types Inspected

Database Instance

Reactive Hookpoints

None