<  Back to rules search

GCP Bucket Contents Downloaded Without Authentication

gcp

Classification:

attack

Tactic:

Technique:

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Goal

Detect unauthenticated access to an object in a GCS bucket (bucket_name).

Strategy

Monitor GCS bucket (bucket_name) for get requests(@evt.name:storage.objects.get) made by unauthenticated users (@usr.id).

Triage and response

Investigate the logs and determine whether or not the accessed bucket: {{bucket_name}} should be accessible to unauthenticated users.