AWS Transit Encryption Disabled
Description
Detects AWS ElastiCache Redis clusters that do not have transit encryption enabled, which means data transmitted between the client and the cache nodes is not encrypted in transit. This poses a security risk as sensitive data could be exposed to unauthorized parties through network traffic interception.
Detection Strategy
• Redis clusters in AWS ElastiCache are scanned to check their encryption configuration
• A vulnerability is reported when a Redis cluster has TransitEncryptionEnabled set to false
• Only Redis engine clusters are evaluated - other engines like Memcached are excluded from the check
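The check described above, written out as an added example (not Fluid Attacks' own scanner code) against the shape of the ElastiCache DescribeCacheClusters response. The function name, the sample cluster IDs and the choice to report a Redis cluster whose field is absent are assumptions.

```python
"""Added example: the detection strategy applied to constructed data
shaped like ElastiCache DescribeCacheClusters responses."""

# Constructed sample pages; cluster IDs are made up for illustration.
SAMPLE_PAGES = [
    {"CacheClusters": [
        {"CacheClusterId": "sessions-001", "Engine": "redis",
         "TransitEncryptionEnabled": False},
        {"CacheClusterId": "orders-001", "Engine": "redis",
         "TransitEncryptionEnabled": True},
    ]},
    {"CacheClusters": [
        {"CacheClusterId": "pages-001", "Engine": "memcached",
         "TransitEncryptionEnabled": False},
        # Assumption: a Redis cluster with the field absent is reported too.
        {"CacheClusterId": "legacy-001", "Engine": "redis"},
    ]},
]


def find_unencrypted_redis(pages):
    """Return a finding for every Redis cluster without transit encryption."""
    findings = []
    for page in pages:
        for cluster in page.get("CacheClusters", []):
            # Only the Redis engine is in scope; Memcached and others are skipped.
            if cluster.get("Engine", "").lower() != "redis":
                continue
            if cluster.get("TransitEncryptionEnabled") is True:
                continue
            findings.append({
                "cluster": cluster.get("CacheClusterId", "<unknown>"),
                "reason": "TransitEncryptionEnabled is not true",
            })
    return findings


if __name__ == "__main__":
    # Against a live account the pages could come from boto3 instead:
    #   boto3.client("elasticache").get_paginator("describe_cache_clusters").paginate()
    for finding in find_unencrypted_redis(SAMPLE_PAGES):
        print(f"{finding['cluster']}: {finding['reason']}")
```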