AWS Unencrypted Snapshots
Description
Detects AWS EC2 snapshots that are not encrypted. EBS snapshots store point-in-time copies of EBS volumes and may contain sensitive data, making encryption critical for data protection. Unencrypted snapshots could expose sensitive data if unauthorized access occurs.
Detection Strategy
• Retrieves all EBS snapshots owned by the current AWS account
• Checks each snapshot's 'Encrypted' property to determine if encryption is enabled
• Reports a vulnerability when a snapshot's 'Encrypted' property is set to false
• Captures the snapshot ID and region in the vulnerability report for remediation
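One way to implement the four steps above with boto3, as an added example that is not Fluid Attacks' own detection code. The names `find_unencrypted_snapshots`, `scan_regions` and `FakeEC2`, and the snapshot IDs, are constructed for illustration; treating a missing 'Encrypted' key as unencrypted is an assumption of this example.

```python
def find_unencrypted_snapshots(ec2_client, region):
    """Return one finding (snapshot ID + region) per unencrypted snapshot.

    ec2_client is a boto3 EC2 client, or any object exposing the same
    get_paginator("describe_snapshots") interface.
    """
    findings = []
    paginator = ec2_client.get_paginator("describe_snapshots")
    # OwnerIds=["self"] restricts the listing to snapshots owned by the
    # calling account; without it, public and shared snapshots come back too.
    for page in paginator.paginate(OwnerIds=["self"]):
        for snap in page.get("Snapshots", []):
            # Assumption: a missing 'Encrypted' key is reported as unencrypted.
            if not snap.get("Encrypted", False):
                findings.append(
                    {"snapshot_id": snap["SnapshotId"], "region": region}
                )
    return findings


def scan_regions(regions):
    """Run the check against live AWS in each region (needs credentials)."""
    import boto3  # imported lazily so the offline demo needs no SDK

    findings = []
    for region in regions:
        client = boto3.client("ec2", region_name=region)
        findings.extend(find_unencrypted_snapshots(client, region))
    return findings


class FakeEC2:
    """Constructed stand-in for a boto3 EC2 client returning two pages."""

    PAGES = [
        {"Snapshots": [{"SnapshotId": "snap-0aaa1111", "Encrypted": True},
                       {"SnapshotId": "snap-0bbb2222", "Encrypted": False}]},
        {"Snapshots": [{"SnapshotId": "snap-0ccc3333", "Encrypted": False}]},
    ]

    def get_paginator(self, operation):
        assert operation == "describe_snapshots"
        return self

    def paginate(self, **kwargs):
        assert kwargs.get("OwnerIds") == ["self"]
        return iter(self.PAGES)


if __name__ == "__main__":
    for f in find_unencrypted_snapshots(FakeEC2(), "us-east-1"):
        print(f"unencrypted snapshot {f['snapshot_id']} in {f['region']}")
```

Snapshots are regional resources, so `scan_regions` has to be given every region the account uses for the result to be complete.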