Product
medium
advisory
AWS KMS Key User Performing S3 Encryption Detection
2 rules 1 TTPDetection of AWS users utilizing KMS keys to perform encryption operations on S3 buckets, indicating potential misuse or malicious activity within the cloud environment.
AWS Key Management Service +3
cloud
aws
kms
s3
encryption
2r
1t
medium
advisory
AWS KMS Customer Managed Key Disabled or Scheduled for Deletion
2 rules 1 TTPAn adversary may disable or schedule the deletion of an AWS customer-managed KMS Key to cause irreversible data loss, disrupt business operations, impede incident response, or hide evidence of prior activity.
AWS Key Management Service
cloud
aws
kms
datadestruction
2r
1t