AWS Unapproved AMIs
Description
Detects EC2 instances that are running on AMIs (Amazon Machine Images) not published by Amazon. Unofficial or untrusted AMIs can introduce security risks because they may contain malware, vulnerabilities, or malicious code.
Detection Strategy
• Scans all EC2 instances in the specified AWS region
• For each instance, checks the ImageOwnerAlias of its associated AMI
• Reports a vulnerability if the AMI's ImageOwnerAlias is not 'amazon'
• Each vulnerability includes the instance ARN and the non-compliant ImageOwnerAlias value
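The strategy above, as an added example that is not Fluid Attacks' own code: it applies the check to the `Reservations` and `Images` lists returned by the EC2 DescribeInstances and DescribeImages calls. The function names, the sample data, the `aws` partition, and the choice to flag AMIs with a missing alias or a missing image record are assumptions.

```python
APPROVED_ALIAS = "amazon"

def instance_arn(region, account_id, instance_id, partition="aws"):
    # EC2 instance ARN layout; the "aws" partition default is an assumption.
    return f"arn:{partition}:ec2:{region}:{account_id}:instance/{instance_id}"

def find_unapproved_amis(region, reservations, images):
    """reservations: 'Reservations' list from DescribeInstances.
    images: 'Images' list from DescribeImages for the ImageIds in use."""
    # ImageOwnerAlias is optional in the response; AMIs without it map to None.
    alias_by_image = {img["ImageId"]: img.get("ImageOwnerAlias") for img in images}
    findings = []
    for reservation in reservations:
        account_id = reservation["OwnerId"]
        for inst in reservation.get("Instances", []):
            # A deregistered AMI is absent from DescribeImages, so alias is None.
            alias = alias_by_image.get(inst["ImageId"])
            if alias != APPROVED_ALIAS:
                findings.append({
                    "arn": instance_arn(region, account_id, inst["InstanceId"]),
                    "image_id": inst["ImageId"],
                    "image_owner_alias": alias,
                })
    return findings

# Constructed sample data shaped like the API responses (not real resources).
SAMPLE_RESERVATIONS = [
    {"OwnerId": "111122223333", "Instances": [
        {"InstanceId": "i-0aaa000000000001", "ImageId": "ami-0000000000000001"},
        {"InstanceId": "i-0bbb000000000002", "ImageId": "ami-0000000000000002"},
    ]},
    {"OwnerId": "111122223333", "Instances": [
        {"InstanceId": "i-0ccc000000000003", "ImageId": "ami-0000000000000003"},
        {"InstanceId": "i-0ddd000000000004", "ImageId": "ami-0000000000000004"},
    ]},
]
SAMPLE_IMAGES = [
    {"ImageId": "ami-0000000000000001", "ImageOwnerAlias": "amazon"},
    {"ImageId": "ami-0000000000000002", "ImageOwnerAlias": "aws-marketplace"},
    {"ImageId": "ami-0000000000000003"},  # private/community AMI: no alias
    # ami-0000000000000004 omitted: constructed case of a deregistered AMI
]

if __name__ == "__main__":
    for finding in find_unapproved_amis("us-east-1", SAMPLE_RESERVATIONS, SAMPLE_IMAGES):
        print(finding)
```

Because the rule compares against the single value `amazon`, AWS Marketplace images and an organization's own hardened AMIs are reported as well.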