The IDC cloud security survey 2021 states that as many as 98% of
companies were victims of a cloud data breach within the past 18
months.
Fostered by the pandemic, small and large organizations from all
over the world are migrating their data and infrastructure into a
public cloud, while often underestimating novel and cloud-specific
security or privacy issues.
Nearly every morning, the headlines are full of sensational news
about tens of millions of health or financial records being found
in unprotected cloud storage like AWS S3 buckets, Microsoft Azure
blobs or another cloud-native storage service by the growing number
of smaller cloud security providers.
ImmuniWeb, a rapidly growing application security vendor that
offers a variety of AI-driven products, has announced this week
that its free Community Edition[1], running over 150,000
daily security tests, now has one more online tool – a cloud security
test[2].
To check your unprotected cloud storage, you just need to enter
your main website URL and wait a few minutes.
ImmuniWeb says that the free test detects cloud storage from 19
cloud service providers, including AWS, Azure and GCP. The results
show the region or country in which your cloud data is stored, for
the purpose of compliance with GDPR or other national privacy laws
and regulations.
According to ImmuniWeb, the technology behind the test leverages
OSINT, big data and smart prediction technology based on Machine
Learning to discover unprotected cloud buckets belonging to your
company.
To prevent its new tool from being used for potentially malicious
purposes, free registration and account validation are required to
gather the URLs of your exposed cloud buckets. The tool is also
equipped with a free API available after registration for DevOps
and cybersecurity teams.
An awesome differentiator of ImmuniWeb’s cloud security test is
that you don’t need to enter your cloud credentials, in contrast to
most open-source or commercial cloud monitoring tools that require
IAM credentials to enumerate your cloud assets and instances.
Another feature that we liked is coverage of medium-sized cloud
service providers, such as Oracle Cloud or IBM Cloud.
Moreover, many regional players like SberCloud from Russia or
China's Alibaba Cloud are also on the radar, helping organizations
to detect regional cloud presence or shadow cloud accounts.
ImmuniWeb also provides a paid version: the all-in-one Attack
Surface Management (ASM) and Dark Web Monitoring solution
ImmuniWeb Discovery[3]. ImmuniWeb claims that
Discovery detects considerably more external cloud assets,
encompassing cloud-based load balancers, databases, repositories,
container management and orchestration software being exposed to
the Internet. The on-premises and cloud-based IT assets are then
correlated with the Dark Web findings to provide a threat-aware
risk scoring to the customers who may also use Discovery to assess
their suppliers and prevent supply chain attacks.
Cloud ASM has become an extremely hot topic in 2021 for
end-users, vendors, and investors. In July, Microsoft announced its
acquisition of another market player, RiskIQ, for more than $500
million, while Mandiant has recently absorbed Intrigue, an ASM
startup known for its open-source version.
ImmuniWeb promises in its press release “many more exciting
features soon”, so we will keep an eye on their ongoing efforts and
the awesome tools they share with the cybersecurity community. To
prevent your cloud data from being exposed on the Internet,
consider implementing CIS Benchmarks for Cloud[4] and then run
ImmuniWeb's free cloud security test[5]
to validate your security controls.
References
- [1] Community Edition (www.immuniweb.com)
- [2] cloud security test (www.immuniweb.com)
- [3] ImmuniWeb Discovery (www.immuniweb.com)
- [4] CIS Benchmarks for Cloud (www.cisecurity.org)
- [5] cloud security test (www.immuniweb.com)


