Application security company ImmuniWeb SA today released a new online test that rapidly detects unprotected cloud storage on Amazon Web Services, Microsoft Azure, Google Cloud Platform and 16 other public cloud service providers.

The new free test is offered as part of the ImmuniWeb Community Edition, a set of free online tools already provided by the company. Community Edition allows users to verify application security, privacy and compliance, detect phishing, domain squatting and Dark Web exposure. The new free test enables cybersecurity and information technology professionals to identify quickly their organization’s unprotected cloud storage to prevent data leaks and security incidents.

Unprotected cloud storage exposures have become a dime a dozen over the last two to three years as more and more companies switch their data to the cloud. In some circumstances, cloud storage may require public access to provide external users with public data such as images or videos. Still, ImmuniWeb points out that in reality, misconfigured and unprotected cloud storage is one of the most widespread causes of disastrous data leaks and breaches.

ImmuniWeb argues that the situation is exacerbated by the swift proliferation of small cloud providers that offer cloud storage services with insecure settings by default. Modern cloud storage services share similar weaknesses stemming from incorrect access policies, excessive identity and access management or IAM permissions, or even wholly missing authorization mechanisms.

The new online test by ImmuniWeb aims to solve these challenges by providing cybersecurity and DevOps teams with a simple way to detect unprotected cloud storage, detect IAM misconfigurations, discover shadow cloud accounts and prevent cloud-related data leaks and breaches.

Launching a test is as simple as entering the URL of the company. The free test shows cloud storage that belongs to or is attributable to the company and sheds light on other misconfiguration as well, such as missing encryption. The test takes up to 15 minutes.

Support is provided for AWS, Azure, GCP, IBM Cloud, Alibaba Cloud, Oracle Cloud, Linode, Vultr, Dreamobjects, Digital Ocean, Rackspace Cloud, Wasabi, Backblaze, Mail.ru Cloud, Yandex.Cloud, Tencent and Storj.

“The leading cloud providers, such as AWS, have a full spectrum of powerful tools and services that can instantly detect and automatically remediate misconfigurations in their cloud environments,” Ilia Kolochenko, chief architect and chief executive at ImmuniWeb, said in a statement. “Unfortunately, many organizations of all sizes struggle to properly implement Cloud Security Posture Management due to complexity or lack of technical skills.”

Image: ImmuniWeb