Tag
medium
advisory
AWS EBS Encryption Disabled
2 rules 2 TTPsDetects when Amazon Elastic Block Store (EBS) encryption by default is disabled in an AWS region, potentially leading to data exposure and weakening data protection against exfiltration or ransomware.
Elastic Block Store
aws
ebs
encryption
cloudtrail
2r
2t
medium
advisory
AWS EC2 EBS Snapshot Access Permissions Removed
2 rules 4 TTPsDetection of AWS EC2 EBS snapshot access permissions removal can indicate malicious attempts to disrupt data recovery, evade detection, or maintain exclusive backup access, leading to increased attack impact and incident response complexity.
EC2 +1
aws
ebs
snapshot
impact
2r
4t