Security Holes

Evaluate configuration gaps.

The Security Holes page evaluates your cloud storage resources against security best practices and flags misconfigurations, policy violations, and other weaknesses that could expose your data to risk.

Overview

Each row in the findings grid represents a specific security check (e.g. "S3 bucket logging disabled" or "RDS instance not encrypted at rest") and shows how many resources failed that check. Expand any row to see the individual affected resources.

Filters

Use the filter bar to narrow down findings to what matters most to you.

Severity Filter

Select one or more severity levels to include in the results:

Severity

Meaning

Critical

Immediate risk of data exposure or breach

High

Significant risk that should be addressed promptly

Medium

Moderate risk worth addressing in your next cycle

Low

Minor risk or informational finding

By default, Critical and High are selected.

Service Type Filter

Filter findings by cloud service type. Current items include S3, EFS, FSx, and more. Add and remove resources in the 'Service' filter section.

Result Filter

Option

Meaning

Found

The issue exists — the check failed

Not Found

No issue — the check passed

By default, only Found results are shown (i.e. actual problems).

Public Checks Toggle

The Public Checks toggle in the filter bar shows or hides a subset of 14 checks specifically related to public access exposure. These span a range of AWS Services including S3, EBS snapshots, EFS, and more. They are hidden by default to reduce noise but are worth reviewing regularly.

Open Issues Toggle

Activate the 'Open Issues Only' toggle to only display findings that have currently open issues. Turn the slider off to view all issues that surface from the given filter.

Findings Grid

The grid shows one row per security check. Columns include:

Column

Description

Check Name

Name of the security check

Severity

Badge showing Critical / High / Medium / Low

Account

AWS account where this was found

Resource Count

Number of resources failing this check

Last Updated

When this check last ran

Interact with the Filter section to surface the findings relevant to you.

View Options

Use the view toggle in the top right to switch between:

Findings view: The default grid showing individual checks and resources
Summary view: An aggregated view grouped by category or severity
Trends View: A graph view describing open issues over time and number of open issues by severity

Remediating Findings

DataDefender surfaces misconfigurations but does not automatically remediate them. Use the findings here as a prioritized list of actions to take in your AWS console or infrastructure-as-code tooling.

For each finding, consider:

Is this a known/accepted risk? Document it in your risk register.
Is this a misconfiguration? Fix it in AWS and verify the check clears on the next scan.
Is this related to an active threat? Cross-reference with Suspected Attacks.

PreviousSuspected Attacks NextSupporting Information

Last updated 1 month ago

hashtagOverview

hashtagFilters

hashtagSeverity Filter

hashtagService Type Filter

hashtagResult Filter

hashtagPublic Checks Toggle

hashtagOpen Issues Toggle

hashtagFindings Grid

hashtagView Options

hashtagRemediating Findings