Network Misconfiguration

medium

network-misconfiguration

Improper network security group or firewall rules expose resources

Information DisclosureTampering

MITRE ATT&CK techniques

ID	Name	Tactic
T1046	Network Service Discovery	Discovery

Common Weakness Enumeration

Mitigating controls

ctrl-net-1: Implement default-deny firewall rules
ctrl-net-2: Regularly audit security group configurations
ctrl-net-3: Use network segmentation
ctrl-net-4: Implement network flow logging
ctrl-net-5: Use infrastructure as code for network config

References

https://owasp.org/Top10/A05_2021-Security_Misconfiguration/