| Medium | [DEV] GuardDuty: EC2 instance communicating with known C2 domain | Amazon GuardDuty · Dev | 2025-09-27 04:18:04 UTC | |
| Medium | [DEV] S3: Public READ detected on bucket logs-archive | Amazon S3 · Dev | 2025-09-27 03:52:10 UTC | |
| High | [DEV] WAF: SQLi pattern blocked on /api/v1/search | AWS WAF · Dev | 2025-09-27 03:36:51 UTC | |
| Low | [DEV] IAM: Access key unused for 90 days (user: dataops) | AWS Identity and Access Management · Dev | 2025-09-27 03:16:22 UTC | |
| Low | [DEV] Security Hub: SSM agent not installed on 2 instances | AWS Security Hub · Dev | 2025-09-27 03:04:05 UTC | |
| Medium | [DEV] CloudTrail: Root API call detected (GetAccountSummary) | AWS CloudTrail · Dev | 2025-09-27 02:52:33 UTC | |
| Medium | [DEV] Inspector: Critical CVE on AMI base (openssl) | Amazon Inspector · Dev | 2025-09-27 02:35:18 UTC | |
| Low | [DEV] RDS: Publicly accessible flag enabled on dev snapshot | Amazon RDS · Dev | 2025-09-27 02:19:51 UTC | |
| Low | [DEV] KMS: Key scheduled for deletion still referenced by service account | AWS Key Management Service · Dev | 2025-09-27 02:07:10 UTC | |
| Low | [DEV] EKS: Node joined cluster with outdated AMI baseline | Amazon EKS · Dev | 2025-09-27 01:55:42 UTC | |
| Medium | [DEV] Lambda: Over-permissive IAM policy attached to function | AWS Lambda · Dev | 2025-09-27 01:44:07 UTC | |
| Medium | [DEV] API Gateway: Spike in 5xx responses from edge API | Amazon API Gateway · Dev | 2025-09-27 01:33:55 UTC | |
| Low | [DEV] CloudFront: Origin shield disabled for high-traffic distribution | Amazon CloudFront · Dev | 2025-09-27 01:22:29 UTC | |
| Medium | [DEV] VPC Flow Logs: Unusual port scan pattern from 198.51.100.24 | Amazon VPC · Dev | 2025-09-27 01:12:43 UTC | |
| High | [DEV] ECR: Image scan detected HIGH severity CVE (openssl) | Amazon ECR · Dev | 2025-09-27 01:01:16 UTC | |
| Medium | [DEV] Secrets Manager: Secret rotated outside policy window | AWS Secrets Manager · Dev | 2025-09-27 00:51:02 UTC | |
| High | [DEV] Kinesis: Stream exposed via overly permissive resource policy | Amazon Kinesis · Dev | 2025-09-27 00:40:28 UTC | |
| Low | [DEV] DynamoDB: Point-in-time recovery disabled for critical table | Amazon DynamoDB · Dev | 2025-09-27 00:28:15 UTC | |
| Medium | [DEV] ElastiCache: Redis cluster not enforcing TLS | Amazon ElastiCache · Dev | 2025-09-27 00:17:49 UTC | |
| Medium | [DEV] SNS: Public subscription created on internal topic | Amazon SNS · Dev | 2025-09-27 00:05:33 UTC | |
