Cloud Users Without MFA Enabled
This bot identifies cloud user accounts which are not set up to leverage two-factor authentication when accessing the native cloud portal. Allowing access to the native portal with standard credentials can expose the organization to attacks and access by malicious users via brute force, social engineering and other techniques.
Recommended Action
Ensure that user accounts, especially those with administrator/privileged access, are set up to leverage multi-factor authentication.
Severity
High
Resource Types Inspected
Cloud User
Reactive Hookpoints
resource.created resource.modified