Here are 5 common cloud misconfigurations:
| # | Misconfiguration | Description |
|---|---|---|
| 1 | Overly permissive S3 buckets | Buckets set to public-read or public-write can expose sensitive data to anyone on the internet. |
| 2 | Default security group rules | Allowing unrestricted (0.0.0.0/0) SSH (port 22) or RDP (port 3389) access opens attack vectors. |
| 3 | Lack of MFA for root or privileged accounts | Root accounts without MFA are vulnerable to credential theft and brute-force attacks. |
| 4 | Unrestricted outbound traffic | Without proper egress control, instances can communicate with malicious external endpoints. |
| 5 | Disabled logging (e.g., CloudTrail not enabled) | Limits visibility into actions taken in the cloud environment, making incident investigation difficult. |