Cloud Security Atlas
Datadog Cloud Security Atlas is a risk register for Threats and Vulnerabilities. This database gives you the ability to search and filter on your cloud provider platform, risk type, and sort by impact, exploitability, and recency.
Test out the search below by searching for specific cloud services like EBS or S3. From there you can chart your own course to understanding risk that relates to your environment.
Spotlight
-
TITLE
PLATFORM
SERVICE
RISK TYPE
EXPLOITABILITY
IMPACT
DATE
-
Publicly shared AMI
PLATFORM
SERVICE
ec2
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
Aug'24 -
IAM role can be assumed by any GitHub Action
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
high
DATE
Aug'24 -
IAM role can be assumed by anyone
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Aug'24 -
IAM user with old access keys
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Aug'24 -
Publicly shared RDS snapshot
PLATFORM
SERVICE
rds
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
high
DATE
Aug'24 -
Accessing the AWS Console using programmatic credentials
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
high
IMPACT
low
DATE
Jul'24 -
Creating a new backdoor IAM role
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Jul'24 -
Secrets exposed in Lambda function environment variables
PLATFORM
SERVICE
lambda
RISK TYPE
Vuln.
EXPLOITABILITY
low
IMPACT
high
DATE
Jul'24 -
Using Amazon SES to send spam
PLATFORM
SERVICE
ses
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
medium
DATE
Jul'24 -
Creating a new IAM user
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Jul'24 -
EKS cluster allows pods to steal worker nodes' AWS credentials
PLATFORM
SERVICE
eks
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
Jul'24 -
BigQuery dataset is publicly accessible
PLATFORM
SERVICE
bigquery
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
high
DATE
Jun'24 -
EC2 instance without IMDSv2 enforced
PLATFORM
SERVICE
ec2
RISK TYPE
Vuln.
EXPLOITABILITY
low
IMPACT
high
DATE
May'24 -
Security group exposes risky ports to the internet
PLATFORM
SERVICE
ec2
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
May'24 -
Network Security Group exposes risky ports to the internet
PLATFORM
SERVICE
network
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
May'24 -
Public Azure Storage container
PLATFORM
SERVICE
storage
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
May'24 -
Stealing EC2 instance credentials through the Instance Metadata Service
PLATFORM
SERVICE
ec2
RISK TYPE
Attack
EXPLOITABILITY
high
IMPACT
medium
DATE
Feb'24 -
Active root user access keys
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Feb'24 -
Usage of the root user
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Feb'24 -
Publicly accessible RDS instance
PLATFORM
SERVICE
rds
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Feb'24 -
Publicly accessible CloudSQL instance
PLATFORM
SERVICE
cloudsql
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Feb'24 -
Firewall rule exposes risky ports to the internet
PLATFORM
SERVICE
gce
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
Feb'24 -
Compute instance using the default service account
PLATFORM
SERVICE
gce
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Feb'24 -
Compute instance does not block project-wide SSH keys
PLATFORM
SERVICE
gce
RISK TYPE
Vuln.
EXPLOITABILITY
low
IMPACT
high
DATE
Feb'24 -
Publicly shared EBS snapshot
PLATFORM
SERVICE
ec2
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
high
DATE
Dec'23 -
Lambda function is publicly accessible through function URL
PLATFORM
SERVICE
lambda
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
medium
DATE
Dec'23 -
Public S3 bucket through bucket ACL
PLATFORM
SERVICE
s3
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
Dec'23 -
Public S3 bucket through bucket policy
PLATFORM
SERVICE
s3
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
Dec'23 -
Publicly accessible SNS topic
PLATFORM
SERVICE
sns
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
medium
DATE
Dec'23 -
Publicly accessible SQS queue
PLATFORM
SERVICE
sqs
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
medium
DATE
Dec'23 -
Adversary-in-the-middle phishing
PLATFORM
SERVICE
azure-ad
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Dec'23 -
Malicious OAuth application consent
PLATFORM
SERVICE
azure-ad
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Dec'23 -
MFA fatigue attack
PLATFORM
SERVICE
azure-ad
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
medium
DATE
Dec'23 -
Known compromised IAM user access key
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
high
DATE
Dec'23 -
Stealing an EBS snapshot by creating a snapshot and sharing it
PLATFORM
SERVICE
ec2
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Dec'23 -
Stopping a CloudTrail trail
PLATFORM
SERVICE
cloudtrail
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
medium
DATE
Sep'23 -
Stealing a virtual machine disk through URL sharing
PLATFORM
SERVICE
virtual-machines
RISK TYPE
Attack
EXPLOITABILITY
high
IMPACT
high
DATE
Sep'23 -
Inviting external users
PLATFORM
SERVICE
azure-ad
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
medium
DATE
Sep'23 -
Executing commands on a virtual machine through Run Command
PLATFORM
SERVICE
virtual-machines
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
high
DATE
Sep'23 -
Elevating access from Azure AD to Azure subscriptions
PLATFORM
SERVICE
azure-ad
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Sep'23 -
Opening a Network Security Group to the Internet
PLATFORM
SERVICE
virtual-machines
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
medium
DATE
Aug'23 -
Creating a new Google Cloud service account
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
high
IMPACT
high
DATE
Jun'23 -
GKE cluster does not have Workload Identity enabled
PLATFORM
SERVICE
gke
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Jun'23 -
Backdooring a Google Cloud service account through its IAM policy
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
high
DATE
Jun'23 -
Inviting an external user to a Google Cloud project
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
high
IMPACT
high
DATE
Jun'23 -
Stealing a Compute Disk by sharing it
PLATFORM
SERVICE
gce
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
high
DATE
Jun'23 -
Executing commands through EC2 user data
PLATFORM
SERVICE
ec2
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
medium
DATE
Jun'23 -
Launching EC2 instances
PLATFORM
SERVICE
ec2
RISK TYPE
Attack
EXPLOITABILITY
high
IMPACT
medium
DATE
Jun'23 -
Opening a security group to the Internet
PLATFORM
SERVICE
ec2
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
medium
DATE
Jun'23 -
Removing VPC flow logs
PLATFORM
SERVICE
ec2
RISK TYPE
Attack
EXPLOITABILITY
low
IMPACT
medium
DATE
Jun'23 -
Compromising AWS Console credentials
PLATFORM
SERVICE
iam
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
high
DATE
Jun'23 -
Stealing an RDS database by creating a snapshot and sharing it
PLATFORM
SERVICE
rds
RISK TYPE
Attack
EXPLOITABILITY
medium
IMPACT
high
DATE
Jun'23 -
Unauthenticated access to exposed Kubernetes dashboard
PLATFORM
SERVICE
kubernetes
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
medium
DATE
Jun'23 -
Use of host network containers
PLATFORM
SERVICE
kubernetes
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
medium
DATE
Jun'23 -
Unauthenticated privileged access to Kubernetes API Server
PLATFORM
SERVICE
kubernetes
RISK TYPE
Vuln.
EXPLOITABILITY
high
IMPACT
high
DATE
Jun'23 -
Principals with cluster-admin access to Kubernetes
PLATFORM
SERVICE
kubernetes
RISK TYPE
Vuln.
EXPLOITABILITY
low
IMPACT
high
DATE
Jun'23 -
Container running as privileged
PLATFORM
SERVICE
kubernetes
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
May'23 -
IAM user with Console access does not have MFA
PLATFORM
SERVICE
iam
RISK TYPE
Vuln.
EXPLOITABILITY
medium
IMPACT
high
DATE
Mar'23