Vendor: Wiz
FIN-731
What It Detects
A Wiz-monitored Lambda function has a resource-based policy that allows public invocation. This means any unauthenticated user on the internet can invoke the function, potentially executing arbitrary code, accessing internal resources, or exploiting the function's IAM role to pivot deeper into the cloud environment.
Checks (read-only)
Field | Operator | Value
Connectors | match | Wiz
Extra Data | and | [{'key': 'Key', 'value': 'wiz.lambda_policy_no_public_access', 'operator': 'match'}, {'key': 'Value', 'value': 0, 'operator': 'match'}]