|
|
|
|
|
|
by david_obrien
1570 days ago
|
|
|
A wildcarded principle by itself doesn't mean too much. There are settings outside of the S3 bucket access policy that can mean "it doesn't matter what the bucket thinks". This here is something other products typically don't check, and because of that create a lot of noise that a person has to check through.
https://www.youtube.com/watch?v=kMi5PSyFu8s Other products only look at properties in isolation. As I mentioned the SG rules only become security relevant if many other things in an environment are also true, ARGOS checks for those, others typically don't. Only one example of our "context awareness". The diagram shows the "kill chain" of how someone could laterally move through your environment, again something others typically don't do. I said it before, we don't find more, we help you find the ones in the noise that actually matter from a security point of view. |
|
|