/
AWS-EC2-Excessive-Security-Groups

AWS-EC2-Excessive-Security-Groups

Owned by naveen
Dec 06, 2021

Severity : Medium

Description : Keeping the number of security groups to a minimum helps reduce the attack surface of an account. Rather than creating new groups with the same rules for each project, common rules should be grouped under the same security groups. For example, instead of adding port 22 from a known IP to every group, create a single SSH security group which can be used on multiple instances.

Remediation Steps : Limit the number of security groups to prevent accidental authorizations

Related content

AWS-EC2-EC2-LaunchWizard-Security-Groups
AWS-EC2-EC2-LaunchWizard-Security-Groups
Blue Hexagon Documentation
More like this
AWS-EC2-Public-IP-Address-EC2-Instances
AWS-EC2-Public-IP-Address-EC2-Instances
Blue Hexagon Documentation
Read with this
AWS-EC2-Open-SSH
AWS-EC2-Open-SSH
Blue Hexagon Documentation
More like this
AWS-EC2-EC2-Max-Instances
AWS-EC2-EC2-Max-Instances
Blue Hexagon Documentation
More like this
AWS-EC2-Default-Security-Group
AWS-EC2-Default-Security-Group
Blue Hexagon Documentation
More like this
AWS-EC2-Open-RFC-1918
AWS-EC2-Open-RFC-1918
Blue Hexagon Documentation
More like this

Blue Hexagon Proprietary