Identify and remove default VPCs.
AWS creates a default Internet-facing VPC in every region. Unless another network is specified, new instances and other resources launch into this VPC and may have Internet access. Removing the default VPC reduces the risk of inadvertently launching something with Internet access and requires administrators and others to use only approved VPCs. Default VPCs are also commonly leveraged in attacks when the attacker is able to run their own resources.
Supported Issue Types:
A default VPC was found
- A default VPC was found in the region _region name_.
- Remove the VPC
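One way to run this check across an account, as an added example rather than the product's own code: it lists the default VPC in each region and counts the network interfaces still in it, so you can see what would be affected before removing the VPC. The function names, the interface count and the sample data are assumptions introduced here; the live path assumes boto3 and read-only EC2 Describe permissions.

```python
# Added example: read-only report of default VPCs per region (sample data is constructed).
import sys

def default_vpc_findings(vpcs_by_region, enis_by_vpc):
    """Map {region: [Vpc dicts]} and {vpc_id: ENI count} to a list of findings."""
    findings = []
    for region in sorted(vpcs_by_region):
        for vpc in vpcs_by_region[region]:
            if not vpc.get("IsDefault"):
                continue  # approved, non-default VPCs are not reported
            enis = enis_by_vpc.get(vpc["VpcId"], 0)
            findings.append({
                "region": region,
                "vpc_id": vpc["VpcId"],
                "network_interfaces": enis,
                "empty": enis == 0,  # no interfaces: nothing is attached to it
                "message": f"A default VPC was found in the region {region}.",
            })
    return findings

def collect():
    """Query every enabled region with boto3, using Describe* calls only."""
    import boto3  # imported lazily so the function above needs no SDK
    session = boto3.Session()
    regions = session.client("ec2", region_name="us-east-1").describe_regions()["Regions"]
    vpcs, enis = {}, {}
    for name in (r["RegionName"] for r in regions):
        ec2 = session.client("ec2", region_name=name)
        vpcs[name] = ec2.describe_vpcs(Filters=[{"Name": "is-default", "Values": ["true"]}])["Vpcs"]
        for vpc in vpcs[name]:
            pages = ec2.get_paginator("describe_network_interfaces").paginate(
                Filters=[{"Name": "vpc-id", "Values": [vpc["VpcId"]]}])
            enis[vpc["VpcId"]] = sum(len(p["NetworkInterfaces"]) for p in pages)
    return default_vpc_findings(vpcs, enis)

# Constructed sample (not output from a real account).
SAMPLE_VPCS = {
    "us-east-1": [{"VpcId": "vpc-0aaa", "IsDefault": True},
                  {"VpcId": "vpc-0bbb", "IsDefault": False}],
    "eu-west-1": [{"VpcId": "vpc-0ccc", "IsDefault": True}],
    "ap-south-1": [],
}
SAMPLE_ENIS = {"vpc-0aaa": 2}

if __name__ == "__main__":
    live = "--live" in sys.argv  # --live needs boto3 and AWS credentials
    for f in (collect() if live else default_vpc_findings(SAMPLE_VPCS, SAMPLE_ENIS)):
        state = "empty" if f["empty"] else f"{f['network_interfaces']} interface(s) present"
        print(f"{f['message']} {f['vpc_id']}: {state}")
```

Run without arguments it reports on the constructed sample; with `--live` it queries the account behind the current credentials.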