Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

A Guide to AWS S3 Buckets Security

Hand holding white card with amazon web services printed on it


Avoid Common Mistakes When Deploying Cloud-based Services

The Threat of Poor AWS S3 Buckets Security

If your organization uses Amazon Web Services (AWS), it is extremely important to understand AWS S3 buckets security. Configuring your S3 buckets the right way can mean the difference between business as usual and nearly catastrophic data leaks. If you’ve noticed in the past few years, AWS S3 data leaks are not uncommon – and it’s fairly probable that your organization is not immune to them. They have affected high-profile organizations like Verizon, Accenture, and several others in recent memory.

Further complicating matters, it’s almost impossible to discover whether or not your data was actually ever accessed. Should you believe you’ve been the target of a malicious entity, the detective work to determine the truth can be beyond frustrating.

It Doesn’t Have To Be This Way.

In this guide, I will review several security control options that AWS users can use to protect their data. Areas covered include:

  • Provisioning and Access Controls
  • Everyone and Authenticated Users
  • Versioning and Multifactor Authentication Delete
  • Logging and Monitoring
  • Encryption
  • Auditing

Become More Secure Today.

This guide serves as a thorough introduction to how you can avoid a disastrous AWS S3 bucket data leak. If you have any thoughts or suggestions on how we can improve our content, please don’t hesitate to email us or talk to us on Twitter.

Additional Resources from Bishop Fox

An Introduction to AWS Cloud Security

Investigating PrivSec Methods in AWS

IAM Vulnerable - An AWS IAM Privilege Escalation Playground

Stand Your Cloud: A Series on Securing AWS

Subscribe to Bishop Fox's Security Blog

Be first to learn about latest tools, advisories, and findings.

Gerben Kleijn

About the author, Gerben Kleijn

Managing Security Consultant

Gerben Kleijn (OSWE, CISSP) is a Managing Security Consultant for Bishop Fox, where he oversees a team of penetration testers. His focus areas include cloud penetration tests, external network penetration tests, and web application assessments as well as cloud deployment reviews for Amazon Web Services (AWS). He has advised Fortune 500 brands and startups in industries such as media, retail, and software in addition to popular websites, credit reporting agencies, and marketing platforms.

More by Gerben

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.