All major cloud providers offer a vast ecosystem of services covering compute, storage, networking, identity, and application delivery. Each service introduces its own set of risks, shaped by how it is configured, integrated, and exposed.
While individual services may appear isolated, real-world environments are composed of interconnected systems. Misconfigurations in one area often cascade into others, creating compound risk across security, compliance, operational stability, and cost.
We summarise all the checks SkySiege makes against all the supported cloud providers services in our system.
AWS Cloud9 is a cloud-based development environment that introduces risks around access control, credential exposure, and unmanaged development workflows.
AWS CloudFront is a content delivery network that can introduce risks through misconfigured caching, exposure of sensitive content, and insecure edge configurations.
AWS CloudTrail provides audit logging across AWS accounts, with risks arising from disabled logging, incomplete coverage, or insecure log storage.
AWS Cognito manages authentication and user identity, with risks around weak configurations, token exposure, and improper access controls.
AWS EC2 provides virtual compute capacity, with risks including insecure configurations, unpatched systems, and excessive network exposure.
AWS EFS provides shared file storage, with risks related to access control, data exposure, and insecure mounting across environments.
AWS EKS runs managed Kubernetes clusters, with risks arising from misconfigured workloads, insecure cluster access, and poor isolation.
AWS Elastic Load Balancing distributes traffic, with risks including insecure listeners, weak TLS configurations, and unintended exposure of services.
AWS IAM controls access across AWS services, with risks centered on excessive permissions, weak policies, and lack of governance.
AWS Lambda enables serverless execution, with risks including excessive permissions, insecure integrations, and lack of visibility.
AWS RDS provides managed databases, with risks including exposure, weak authentication, and lack of encryption or backup controls.
AWS Route 53 manages DNS, with risks including domain hijacking, misconfigured records, and lack of DNS security controls.
AWS S3 provides object storage, with risks including public data exposure, misconfigured permissions, and lack of encryption.
