Misconfigurations
S3
ZeusCloud provides the following security rules for AWS S3:
- S3 buckets should have server access logging enabled
- Buckets should be configured with block public access settings
- S3 buckets should have versioning enabled to help recover from data loss
- S3 buckets should have at-rest server-side encryption enabled by default
- S3 buckets should deny HTTP requests
- S3 buckets should have MFA delete enabled in the bucket versioning configuration
- S3 buckets should not be publicly readable
- S3 buckets should not be publicly writable
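
The eight rules above can be expressed as offline checks over a bucket's configuration. The following is an added example, not ZeusCloud's own implementation: the `audit` function, the rule names, and the top-level dict keys are hypothetical, while the nested fields mirror those in S3 API responses. It assumes public read/write is judged from ACL grants only (policy-based public access is not evaluated).

```python
import json
# Group URIs that S3 ACL grants use for "everyone" and "any authenticated AWS user".
PUBLIC_GROUPS = {"http://acs.amazonaws.com/groups/global/" + g
                 for g in ("AllUsers", "AuthenticatedUsers")}

def denies_http(policy_json):
    """True if a Deny statement matches aws:SecureTransport=false (scope not checked)."""
    stmts = json.loads(policy_json or "{}").get("Statement", [])
    for s in [stmts] if isinstance(stmts, dict) else stmts:
        flag = s.get("Condition", {}).get("Bool", {}).get("aws:SecureTransport")
        if s.get("Effect") == "Deny" and str(flag).lower() == "false":
            return True
    return False

def public_acl_perms(acl):
    """Permissions that the ACL grants to a public group."""
    return {g["Permission"] for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS}

def audit(cfg):
    """Return the sorted names of the rules that a bucket config dict fails."""
    ver, pab = cfg.get("versioning", {}), cfg.get("public_access_block", {})
    perms = public_acl_perms(cfg.get("acl", {}))
    checks = {
        "access_logging": "LoggingEnabled" in cfg.get("logging", {}),
        "block_public_access": all(pab.get(k) for k in (
            "BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")),
        "versioning": ver.get("Status") == "Enabled",
        "default_encryption": bool(cfg.get("encryption", {}).get("Rules")),
        "deny_http": denies_http(cfg.get("policy")),
        "mfa_delete": ver.get("MFADelete") == "Enabled",
        "not_public_read": not perms & {"READ", "FULL_CONTROL"},
        "not_public_write": not perms & {"WRITE", "FULL_CONTROL"},
    }
    return sorted(name for name, ok in checks.items() if not ok)

# Constructed sample: versioned, encrypted, HTTPS-only bucket with a world-readable ACL.
SAMPLE = {
    "logging": {},
    "public_access_block": {"BlockPublicPolicy": True},
    "versioning": {"Status": "Enabled"},
    "encryption": {"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]},
    "policy": json.dumps({"Statement": [{"Effect": "Deny", "Principal": "*", "Action": "s3:*",
        "Resource": "arn:aws:s3:::example-bucket/*",
        "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}),
    "acl": {"Grants": [{"Permission": "READ", "Grantee": {
        "Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}}]},
}
```

Calling `audit(SAMPLE)` lists the failed rules for the constructed bucket; an empty dict fails every configuration rule but passes the two public-ACL rules, since no grants are present.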