Cloud services scanning and compliance audit
Cloud providers such as AWS offer managed database services, for example RDS (Relational Database Service). Using a managed service makes it easier to install and maintain a database. However, security assessment of such a database can be more challenging, since the vendor seals it.
For example, it might not be possible to access a system schema to determine whether a database is vulnerable.
Cloud services can be provided as-a-service, which might mean that no IP address or web app URL is available, only a hostname and port.
- The associated IPs are dynamic and can change, hence you can't scan them.
- Even if you can find an IP, scanning it is not accurate, because it might change the next minute, and your RDS instance is also spread out over several IP addresses.
In this case it is more relevant to audit the cloud service.
Each cloud provider has its own recommendations on how to do so, for example AWS (external link):
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/RDS-compliance.html
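To illustrate what auditing the service instead of scanning an IP can look like, the following added example (not part of the original article, and not the vendor's audit logic) evaluates configuration returned in the shape of the RDS `DescribeDBInstances` API response and reports findings per hostname and port. The sample data is constructed, and the set of checks is an assumption chosen for this example rather than a list taken from the AWS guidance linked above.

```python
import json

# Constructed sample shaped like the RDS DescribeDBInstances API response
# (identifiers and hostnames are made up for illustration).
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-prod",
   "Endpoint": {"Address": "orders-prod.example.eu-west-1.rds.amazonaws.com", "Port": 5432},
   "PubliclyAccessible": true, "StorageEncrypted": false,
   "BackupRetentionPeriod": 0, "DeletionProtection": false,
   "AutoMinorVersionUpgrade": true},
  {"DBInstanceIdentifier": "billing-prod",
   "Endpoint": {"Address": "billing-prod.example.eu-west-1.rds.amazonaws.com", "Port": 3306},
   "PubliclyAccessible": false, "StorageEncrypted": true,
   "BackupRetentionPeriod": 7, "DeletionProtection": true,
   "AutoMinorVersionUpgrade": true}
]}
""")

# Checks chosen for this example (an assumption, not an official baseline):
# (field, predicate that must hold, finding text if it does not)
CHECKS = [
    ("PubliclyAccessible", lambda v: v is False, "instance is publicly accessible"),
    ("StorageEncrypted", lambda v: v is True, "storage encryption is disabled"),
    ("BackupRetentionPeriod", lambda v: isinstance(v, int) and v > 0,
     "automated backups are disabled"),
    ("DeletionProtection", lambda v: v is True, "deletion protection is disabled"),
    ("AutoMinorVersionUpgrade", lambda v: v is True,
     "automatic minor version upgrades are disabled"),
]

def audit(response):
    """Return {"hostname:port": [findings]}; results are never keyed by IP."""
    report = {}
    for inst in response.get("DBInstances", []):
        ep = inst.get("Endpoint") or {}  # may be absent while an instance is being created
        key = f'{ep.get("Address", inst["DBInstanceIdentifier"])}:{ep.get("Port", "?")}'
        findings = []
        for field, ok, text in CHECKS:
            if field not in inst:
                findings.append(f"{field}: not reported, cannot assess")
            elif not ok(inst[field]):
                findings.append(f"{field}: {text}")
        report[key] = findings
    return report

if __name__ == "__main__":
    for endpoint, findings in audit(SAMPLE).items():
        print(endpoint, "PASS" if not findings else "FAIL")
        for finding in findings:
            print("   -", finding)
```

Against a real account, the same structure can be obtained with `aws rds describe-db-instances` and passed to `audit()` after `json.load`.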