chrisisbeef changed the title from "query(<platform>): unrestricted_security_group_ingress" to "query(Terraform): unrestricted_security_group_ingress" on Jan 14, 2025
Platform
Terraform
Provider
AWS
Description
It seems like this query is a bit too broad, which makes it noisy. For HTTP/HTTPS ports specifically, I don't think this should report, especially not as a high severity. That being said, sensitive ports like Telnet, SSH, database, etc. should definitely report for unrestricted ingress rules. Should we update the rule to not report on ports 80/443 specifically, or allow configuration to declare "non-sensitive ports" that this query could use to be tuned and reduce noise?
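A sketch of the "non-sensitive ports" tuning proposed in the issue above, as an added example (not the project's query code and not written by the issue author). It assumes TCP/UDP rules shaped like Terraform `aws_security_group` ingress blocks; the allowlist name, function names and sample rules are hypothetical.

```python
# Added illustration of the proposed tuning; not the project's query.
NON_SENSITIVE_PORTS = frozenset({80, 443})  # hypothetical allowlist setting
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}


def is_unrestricted(rule):
    """True when the rule admits traffic from any IPv4 or IPv6 address."""
    cidrs = rule.get("cidr_blocks", []) + rule.get("ipv6_cidr_blocks", [])
    return any(c in OPEN_CIDRS for c in cidrs)


def exposes_sensitive_port(rule, allowed=NON_SENSITIVE_PORTS):
    """True when a world-open rule covers any port outside `allowed`."""
    if not is_unrestricted(rule):
        return False
    # Protocol "-1" opens every protocol and port, whatever from/to say.
    if str(rule.get("protocol")) == "-1":
        return True
    lo, hi = rule["from_port"], rule["to_port"]
    # A range wider than the allowlist must contain a non-allowlisted port.
    if hi - lo + 1 > len(allowed):
        return True
    # Every port in the range must be allowlisted, not only the endpoints:
    # 80-443 also opens everything in between.
    return any(p not in allowed for p in range(lo, hi + 1))


def findings(rules):
    """Names of the rules that should still be reported after tuning."""
    return [r["name"] for r in rules if exposes_sensitive_port(r)]


# Constructed sample rules (not taken from any real configuration).
SAMPLE_RULES = [
    {"name": "web_https", "protocol": "tcp", "from_port": 443, "to_port": 443,
     "cidr_blocks": ["0.0.0.0/0"]},
    {"name": "web_http_v6", "protocol": "tcp", "from_port": 80, "to_port": 80,
     "ipv6_cidr_blocks": ["::/0"]},
    {"name": "ssh_open", "protocol": "tcp", "from_port": 22, "to_port": 22,
     "cidr_blocks": ["0.0.0.0/0"]},
    {"name": "range_80_443", "protocol": "tcp", "from_port": 80, "to_port": 443,
     "cidr_blocks": ["0.0.0.0/0"]},
    {"name": "all_protocols", "protocol": "-1", "from_port": 0, "to_port": 0,
     "cidr_blocks": ["0.0.0.0/0"]},
    {"name": "db_internal", "protocol": "tcp", "from_port": 5432, "to_port": 5432,
     "cidr_blocks": ["10.0.0.0/16"]},
]

if __name__ == "__main__":
    print(findings(SAMPLE_RULES))
```

The range and all-protocols cases are the ones an endpoint-only exemption for 80/443 would miss.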