Aws Old Ssh Public Keys
Description
Detects AWS IAM users who have SSH public keys that are older than 90 days. Old SSH public keys pose a security risk as they may be compromised or forgotten, potentially allowing unauthorized access to systems.
Detection Strategy
• Lists all IAM users in the AWS account
• For each user, retrieves their SSH public keys
• Flags any SSH public key with an upload date more than 90 days ago
• Reports the user ARN and upload date for each old SSH key found
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.