Synopsis
Activation Period |
14 Days |
Training Period |
30 Days |
Test Period |
N/A (single event) |
Deduplication Period |
5 Days |
Required Data |
|
Detection Modules |
Cloud |
Detector Tags |
|
ATT&CK Tactic |
|
ATT&CK Technique |
|
Severity |
Low |
Description
A data asset was publicly shared.
Attacker's Goals
- The attacker wants to maintain indirect control over the resource.
- The attacker intends to allow public access, making it harder to detect future activity.
- Attackers are constantly monitoring for public assets to steal sensitive information.
Investigative actions
- Check if the identity intended to change the state of the data asset to public.
- Change the access policy for the affected asset.
- Restrict permissions for the identity if needed.