Determine if security group has all outbound ports or protocols open to the public
Security groups should be created on a per-service basis and avoid allowing all ports or protocols in order to implement the Principle of Least Privilege (POLP) and reduce the attack surface.
Modify the security group tp restrict access to only those IP addresses and/or IP ranges that require it.