Nearly All Cybersecurity Companies Expose AWS Assets – Report
Some 97% of multinational cybersecurity vendors have exposed assets in their AWS environments, many of them classed as high severity issues, according to Reposify.
The US startup used its scanning technology to analyze the cloud environments of a sample of 35 vendors and over 350 subsidiaries.
During a two-week window in January, Reposify’s external attack surface management (EASM) platform discovered 200,000 exposed cloud assets. Over two-fifths (42%) of these were identified as high severity issues – far higher than the 30% average across all industries.
Vulnerable software and improper access controls were the most common issues relating to high severity exposure.
Worryingly, more than half (51%) of the security vendors studied had at least one database exposed to attackers, while 40% had developer tools wide open to threat actors and 37% exposed storage and backup tools – mainly FTP (57%).
Eighty percent had exposed network assets, and even more (86%) of the security vendors analyzed had at least one sensitive remote access service exposed to the internet. Of the latter, OpenSSH (90%) was more common than RDP (47%).
Some 91% of Nginx and Apache web servers hosted exposed assets, according to the report.
Yaron Tal, founder and CTO at Reposify, argued that security vendors must lead by example and harden their external attack surface as digital initiatives grow.
“Despite domain expertise and in-depth knowledge of cyber risk, our findings clearly demonstrate how cybersecurity companies still have critical security blind spots,” he added.
“Distributed assets mean no industry is immune to cyber-threats. It’s critical that every organization arm security teams with complete, 24/7 visibility. Asset inventories are ever-changing; only a real-time automated inventory can keep security personnel up to date for shortened time to remediation.”