Aws Unencrypted Snapshots

Description

Detects AWS EC2 snapshots that are not encrypted. EBS snapshots store point-in-time copies of EBS volumes and may contain sensitive data, making encryption critical for data protection. Unencrypted snapshots could expose sensitive data if unauthorized access occurs.

Weakness:

333 - Insecure service configuration - EC2

Category: Functionality Abuse

Detection Strategy

• Retrieves all EBS snapshots owned by the current AWS account

• Checks each snapshot's 'Encrypted' property to determine if encryption is enabled

• Reports a vulnerability when a snapshot's 'Encrypted' property is set to false

• Captures the snapshot ID and region in the vulnerability report for remediation

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.