Fog Security: https://www.fogsecurity.io/
Contact info@fogsecurity.io for help and feedback. Additions or feedback can be submitted here as well.
Within this repository, we have created references to help prevent ransomware. These controls will focus on ransomware targeting Amazon S3 and KMS.
See ransomware protection in this repository for more information and our accompanying blog here.
Resources:
- Resource Control Policies
- Resource-Based Policies such as Bucket Policies
- Service Control Policies
- S3 Bucket and Account Settings
This folder contains references for managing IAM Policies. This section will focus on AWS Organizational Policies.
-
Resource control policies are used to manage maximum available permissions to resources in your organization. See AWS Documentation for more information.
We provide examples of RCPs that can be used for data perimeters and data security.
-
Work in Progress
This folder contains AWS IAM references and research.
This research coveres IAM actions necessary to update and modify encryption on existing AWS resources. Modifying and updating encryption is one avenue of ransomware to remove legitimate access to data.