Aqua CSPM
ORACLENetworking

Excessive Security Lists

Quick Info

Plugin TitleExcessive Security Lists
CloudORACLE
CategoryNetworking
DescriptionDetermine if there are an excessive number of security lists in the account
More InfoKeeping the number of security lists to a minimum helps reduce the attack surface of an account. Rather than creating new groups with the same rules for each project, common rules should be grouped under the same security lists. For example, instead of adding port 22 from a known IP to every group, create a single “SSH” security group which can be used on multiple instances.
ORACLE Linkhttps://docs.cloud.oracle.com/iaas/Content/Network/Concepts/securitylists.htm
Recommended ActionLimit the number of security lists to prevent accidental authorizations

Detailed Remediation Steps

  1. Log in to the Google Oracle Platform Console.
  2. Scroll down the left navigation panel and choose the “Virtual Cloud Networks” under the “Networking.”
  3. On the “Virtual Cloud Networks” page, click on the “Name” as a link to access the “Virtual Network.”
  4. On the “Virtual Cloud Network Details” page, scroll down the left navigation panel and choose the “Security Lists” option under the “Resources.”
  5. On the “Security Lists” page, check the number of “Security Lists” and check if multiple security list is serving the same traffic rules by clicking on the “Name” as a link.
  6. Repeat steps number 2 - 5 to determine if there are an excessive number of security lists in the account which serves the same traffic rules.
  7. Navigate to “Virtual Cloud Networks” under the “Networking”, click on the “Name” as a link to access the “Virtual Network”, select the “Security List” which needs to be removed.
  8. Click on the 3 vertical dots at the extreme right of the screen to open the “Options” window of the selected “Security List."
  9. Click on the “Terminate” at the bottom of the “Options” window and click on the “Yes” button at the “Terminate Security List” tab.
  10. Repeat steps number 7 - 9 to limit the number of security lists to prevent accidental authorizations.

Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.
Sign up for free
Cloud native security as-a-service
Aqua Wave
Get Started
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2021 Aqua Security Software Ltd.   Privacy Policy | Terms of Use