Aws Old Credentials Enabled
Description
Detects AWS IAM users who have password-based authentication enabled but haven't used their credentials in the last 90 days. Inactive accounts with valid credentials present a security risk as they may be compromised without detection.
Detection Strategy
• Examines the AWS IAM credential report for all users in the account
• Checks if users have password-based authentication enabled
• For users with passwords enabled, verifies when the password was last used
• Reports a vulnerability if the password hasn't been used in the last 90 days
• Each vulnerability includes the user's ARN and the timestamp of their last password usage
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.