Misconfigurations
EC2
ZeusCloud provides the following security rules for AWS EC2:
- EC2 instances shouldn’t have public IPs to prevent public exposure
- Detailed monitoring should be enabled for EC2 instances
- EBS volumes should be encrypted at rest
- EBS optimization should be enabled for those EC2 instances that allow it
- EBS snapshots should be encrypted at rest
- EC2 AMIs owned by you should not be set to public
- Elastic IP addresses should be removed if they are unused