Provided as a part of the ImmuniWeb Community Edition, the online test detects unprotected cloud storage in AWS, Azure, GCP and other leading public cloud service providers.
The Community Edition is a set of free online tools to verify your application security, privacy and compliance, detect phishing, domain squatting and Dark Web exposure.
The cloud security test enables cyber security and IT professionals to identify their organisation's unprotected cloud storage to prevent data leaks and security incidents.
Misconfigured and unprotected cloud storage is one of the most widespread causes of data leaks and breaches in a cloud environment, sharing similar traditional IT weaknesses stemming from incorrect usage of access policies, excessive IAM (identity access management) permissions or even completely missing authorisation mechanisms.
Shadow IT cloud accounts or unknown cloud assets make the situation even more complex in a multi-cloud environment.
To launch a test users just enter the URL of the main website of their company. It then shows cloud storage that belongs to or which is attributable to your company, and will highlight faults – including missing SSL/TLS encryption.
To prevent malicious use, free registration and account validation are required to gather the URLs of exposed cloud buckets.
The new test takes up to 15 minutes and goes through externally accessible cloud storage of the following public cloud services providers: Amazon AWS, Microsoft Azure, Google Cloud Platform, IBM Cloud, Alibaba Cloud, Oracle Cloud, Linode, Vultr, Dreamobjects, Digital Ocean, Rackspace Cloud, Wasabi, Backblaze, Mail.ru Cloud, Yandex.Cloud, Tencent and Storj.
Ilia Kolochenko, chief architect and CEO at ImmuniWeb, said: “The leading cloud providers, such as AWS, have a full spectrum of powerful tools and services that can instantly detect and automatically remediate misconfigurations in their cloud environments.
“But unfortunately, many organisations of all sizes struggle to properly implement Cloud Security Posture Management (CSPM) due to complexity or lack of technical skills.”