User owned public EBS snapshots are accessible to any AWS user. If you have created a public EBS snapshot that may contain sensitive or private information and would like to change it to a private snapshot, follow this step-by-step guide.
A repository should not be made public unless it is intended to be so. This article provides quick steps to change the visibility of a public repository to private in GitHub.
Once configured to work with DigitalOcean, Steampipe pulls metadata about resources running in the cloud which we can then query using SQL queries.
Having IMDSv1 enabled on your instances allows attackers to use vulnerabilities like SSRF to gain access to sensitive information of your instances. In this article we will walk through the steps to update an EC2 instance from IMDSv1 to IMDSv2 using AWS CLI.
Multi factor authentication (MFA) provides an additional layer of security and must be enabled whenever possible. In this article we go through the detailed steps to enable MFA for an AWS account Root user.
Elasticsearch/OpenSearch domains that are not required to be openly accessible should be created without a public endpoint to prevent arbitrary public access to the domain.
