AWS > Ec2 >

Restrict All In Default Sg

LOW

Source

Trivy

Frameworks

CIS AWS 1.4

AVD-AWS-0173

Default security group should restrict all traffic

Configuring all VPC default security groups to restrict all traffic will encourage least privilege security group development and mindful placement of AWS resources into security groups which will in-turn reduce the exposure of those resources.

Impact

Easier to accidentally expose resources - goes against principle of least privilege

Links

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/default-custom-security-groups.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.