The dog that didn't bark: finding security holes in what's missing, not what's misconfigured
Every security scanner examines resources that exist. Nobody checks whether the resources your IAM policies reference actually exist. A deleted S3 bucket name referenced in an active policy is a structural hole — the permission is live, the resource is gone, and the name is reclaimable by any attack
ORIGINAL SOURCE →via Dev.to
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · health
- [HEALTH] From crisis to commitment: nursing students' sense of belonging during and immediately after the covid-19 pandemic.
- [HEALTH] In the name of immunity, for the sake of the sacred: An analysis of the Iranian government's response to the COVID-19 ou
- [HEALTH] Who writes the pandemic? State power, individual subjectivity, and the history of the present in China's COVID-19 respon
- [HEALTH] Knowledge, Attitudes, and Practices Regarding Arboviruses at a Human-Wildlife Interface: A Cross-Sectional Study in and
- [HEALTH] How to shore up trust during the "cold-period" between pandemics - closing the public trust gap in pandemic preparedness
- [HEALTH] Evaluation of candidate reference materials for the harmonization of Lassa fever serology.