Information Exposure
Sensitive Data Exposure
Sensitive data exposure occurs when personally identifiable information (PII) or financial details are left unprotected, making them accessible to unauthorized parties. This can include biometric data, Social Security Numbers (SSNs), credit card details, location history, and other forms of confidential user information. Attackers can exploit such leaks for identity theft, financial fraud, or social engineering attacks. Ensuring proper encryption, access controls, and data minimization strategies can help mitigate these risks.
.png)
When reviewing reported findings in this category, you can analyze the detected data exposure and assess its severity. If an exposed dataset contains highly sensitive details like financial or government-issued identification numbers, it can be marked as Critical. If the finding is a false positive or deemed irrelevant, it can be marked as Ignored.
Secret Data Exposure
Secret data exposure refers to the accidental leakage of sensitive credentials, such as AWS access keys, authentication tokens, and API keys. These secrets, if exposed in public repositories, logs, or misconfigured servers, provide attackers direct access to critical systems. Such leaks can lead to unauthorized access, data breaches, or complete system compromise.
.png)
To manage reported findings, it's crucial to evaluate the exposed secrets. If the leaked dataset has severe impact, it should be marked as Critical. On the other hand, expired or non-sensitive keys might be left as it is or maked Ignored if they pose no real risk. However, organizations should always investigate such exposures and rotate affected keys immediately.
Cloud Misconfigurations
Misconfigured cloud storage services can lead to large-scale data exposure, as attackers often scan for open or publicly accessible cloud buckets, databases, and storage blobs. If security settings are not properly configured, sensitive business or user data can be easily accessed, modified, or even deleted. Common misconfigurations include publicly accessible S3 buckets, weak permissions on cloud databases, and missing encryption settings.
.png)
When analyzing detected misconfigurations, findings involving unrestricted access to critical business data or backups should be marked as Critical. If the report includes false positives or already mitigated issues, they can be marked as Ignored.