AWS Query Results Not Encrypted
Description
Identifies AWS Athena workgroups that store query results without encryption enabled. Unencrypted query results can expose sensitive data to unauthorized access, especially when stored in S3 buckets. This poses a security risk for data confidentiality and regulatory compliance.
Detection Strategy
• Checks each Athena workgroup in the specified AWS region
• Verifies if the workgroup has executed any queries (has query execution history)
• Examines the workgroup's ResultConfiguration for an EncryptionConfiguration setting
• Reports a vulnerability if a workgroup with query history lacks encryption configuration for results
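The four steps above, as an added Python example (not Fluid Attacks' scanner code). The function accepts any object exposing the boto3 Athena client methods `list_work_groups`, `list_query_executions` and `get_work_group`; `StubAthena` and its workgroup data are constructed so the check runs offline.

```python
def unencrypted_workgroups(athena):
    """Return names of workgroups that have query history but no
    ResultConfiguration.EncryptionConfiguration."""
    findings, token = [], None
    while True:
        # Step 1: enumerate workgroups in the client's region, page by page.
        kwargs = {"NextToken": token} if token else {}
        page = athena.list_work_groups(**kwargs)
        for summary in page.get("WorkGroups", []):
            name = summary["Name"]
            # Step 2: skip workgroups that have never executed a query.
            history = athena.list_query_executions(WorkGroup=name, MaxResults=1)
            if not history.get("QueryExecutionIds"):
                continue
            # Step 3: look for EncryptionConfiguration under ResultConfiguration.
            group = athena.get_work_group(WorkGroup=name)["WorkGroup"]
            result_cfg = group.get("Configuration", {}).get("ResultConfiguration", {})
            # Step 4: report when results are written without encryption settings.
            if not result_cfg.get("EncryptionConfiguration"):
                findings.append(name)
        token = page.get("NextToken")
        if not token:
            return findings


class StubAthena:
    """Constructed stand-in for boto3.client('athena'); all data is made up."""
    GROUPS = {  # name -> (ResultConfiguration, query execution ids)
        "analytics": ({"OutputLocation": "s3://example-results/a/"}, ["q-1"]),
        "finance": ({"OutputLocation": "s3://example-results/f/",
                     "EncryptionConfiguration": {"EncryptionOption": "SSE_KMS",
                                                 "KmsKey": "arn:aws:kms:EXAMPLE"}},
                    ["q-2"]),
        "unused": ({}, []),  # no encryption, but no query history either
    }

    def list_work_groups(self, **kwargs):
        return {"WorkGroups": [{"Name": n} for n in self.GROUPS]}

    def list_query_executions(self, WorkGroup, MaxResults=50):
        return {"QueryExecutionIds": self.GROUPS[WorkGroup][1][:MaxResults]}

    def get_work_group(self, WorkGroup):
        cfg = {"ResultConfiguration": self.GROUPS[WorkGroup][0]}
        return {"WorkGroup": {"Name": WorkGroup, "Configuration": cfg}}


if __name__ == "__main__":
    print(unencrypted_workgroups(StubAthena()))
```

Against a real account, pass `boto3.client("athena", region_name=...)` in place of the stub; the caller needs permission for the three Athena read calls used here.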