AWS EC2 Security Starts With Visibility


Elastic Compute Cloud (EC2 for short) is an infrastructure-as-a-service offering and one of the widely adopted services on the AWS platform.

EC2 allows businesses to rent units of compute power and storage, and to keep track of their entire network infrastructure.

EC2 lets developers run virtual machines and gives IT and DevOps teams the capacity to run cloud workloads in AWS data centers. Developers can easily choose the desired scale and instance capacity, run multiple instances in parallel, autoscale, and define policies in one interface.

EC2 has transformed the way teams work and empowered them through extensive control and flexibility over various aspects of their infrastructure. But with great power comes great responsibility. 

Alongside its many benefits, the adoption of EC2 created new security risks for organizations and increased their external attack surface, because each EC2 instance is a potential entry point into sensitive environments.

Today, any DevOps engineer with the right credit card number can easily set up and configure a server. Any unintentional misconfiguration of EC2 during the setup process can lead to a critical exposure that is likely to go unnoticed. But not by attackers, who can easily find such exposures while scanning the web.

According to Verizon's 2020 breach report, human errors represent the third most common reason for breaches, and misconfiguration is the most common error type.

In April 2020, Natura cosmetics, one of the largest online retailers in Brazil, left two Amazon servers unprotected; they contained over 272 gigabytes of data. According to the reports, approximately 250K of Natura's customers were affected in one way or another, and their personal information was stolen.

The key takeaway from this case and other similar cases is that EC2 users need a way to identify and manage every external-facing service hosted in their EC2 accounts and to gain a clear understanding of the associated risks in real time.

Discovering and eliminating unintentional exposures, unpatched vulnerabilities and other risks in your EC2 account must be automated, continuous and simple. This is exactly what led us to integrate Reposify with AWS EC2.

How does it work?

With this latest integration, our users can review their full EC2 Network Interfaces inventory within Reposify's platform and gain a 360-degree view of their network interface IPs hosted on EC2.

This integration delivers two-way visibility:

From the inside-out: Reposify collects various parameters from your AWS EC2 accounts, such as public IP, private IP, instance status, instance ID, MAC address, lifecycle and platform name.

From the outside-in: Reposify will automatically identify exposures, misconfigurations and security issues for all the IP addresses and provide additional insights relating to the version, service, certificate, banner, and more.
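To make the inside-out view concrete, here is an added example (not Reposify's code or part of its platform) that joins a network interface inventory with security group rules to list interfaces that have a public IP and accept traffic from any source. The JSON is constructed sample data in the shape returned by the EC2 DescribeNetworkInterfaces and DescribeSecurityGroups APIs; all IDs and addresses are made up.

```python
import json

# Constructed sample data in the shape returned by the EC2
# DescribeNetworkInterfaces and DescribeSecurityGroups APIs.
ENIS = json.loads("""{"NetworkInterfaces": [
 {"NetworkInterfaceId": "eni-0aaa", "Status": "in-use", "MacAddress": "0a:00:00:00:00:01",
  "PrivateIpAddress": "10.0.1.10", "Association": {"PublicIp": "203.0.113.10"},
  "Attachment": {"InstanceId": "i-0aaa"}, "Groups": [{"GroupId": "sg-open"}]},
 {"NetworkInterfaceId": "eni-0bbb", "Status": "in-use", "MacAddress": "0a:00:00:00:00:02",
  "PrivateIpAddress": "10.0.1.11", "Association": {"PublicIp": "203.0.113.11"},
  "Attachment": {"InstanceId": "i-0bbb"}, "Groups": [{"GroupId": "sg-office"}]},
 {"NetworkInterfaceId": "eni-0ccc", "Status": "in-use", "MacAddress": "0a:00:00:00:00:03",
  "PrivateIpAddress": "10.0.2.20", "Attachment": {"InstanceId": "i-0ccc"},
  "Groups": [{"GroupId": "sg-open"}]}]}""")
SGS = json.loads("""{"SecurityGroups": [
 {"GroupId": "sg-open", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
   {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
 {"GroupId": "sg-office", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]}]}""")

ANYWHERE = {"0.0.0.0/0", "::/0"}

def world_open_rules(group):
    """Return (protocol, from_port, to_port) for rules open to any source."""
    rules = []
    for perm in group.get("IpPermissions", []):
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        if cidrs & ANYWHERE:
            # IpProtocol "-1" means all protocols; such rules carry no port range.
            rules.append((perm["IpProtocol"], perm.get("FromPort"), perm.get("ToPort")))
    return rules

def exposed_interfaces(enis, sgs):
    """Join interfaces that have a public IP with world-open rules of their groups."""
    open_by_group = {g["GroupId"]: world_open_rules(g) for g in sgs["SecurityGroups"]}
    findings = []
    for eni in enis["NetworkInterfaces"]:
        public_ip = eni.get("Association", {}).get("PublicIp")
        if not public_ip:
            continue  # no public address: not directly internet-facing
        rules = {r for g in eni.get("Groups", []) for r in open_by_group.get(g["GroupId"], [])}
        if rules:
            findings.append({"eni": eni["NetworkInterfaceId"], "public_ip": public_ip,
                             "instance": eni.get("Attachment", {}).get("InstanceId"),
                             "status": eni["Status"], "open": sorted(rules, key=str)})
    return findings

if __name__ == "__main__":
    for finding in exposed_interfaces(ENIS, SGS):
        print(finding)
```

A finding here only means the security group permits the traffic; network ACLs and routing can still block it, which is why the outside-in check is needed to confirm what is actually reachable.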

Put Reposify’s real-time exposure and risks discovery capabilities to work for your EC2 accounts. 


Reposify is an attack surface management platform delivering autonomous 24/7 discovery of exposed assets across all environments and the supply chain. Leading enterprises worldwide use Reposify to gain unparalleled visibility of their internet-facing assets and actionable security insights for eliminating shadow IT risks in real time.

