OCI-Networking-Excessive-Security-Lists
Severity : Medium
Description : Keeping the number of security lists to a minimum helps reduce the attack surface of an account. Rather than creating new groups with the same rules for each project, common rules should be grouped under the same security lists. For example, instead of adding port 22 from a known IP to every group, create a single SSH security group which can be used on multiple instances.
Remediation Steps : Limit the number of security lists to prevent accidental authorizations
Â
Blue Hexagon Proprietary