Cloud based resources that have direct Internet access can be mis-configured to allow for unauthorized access or have unpatched vulnerabilities putting the customer at risk. 47% of companies have at least one database or storage bucket exposed to the internet. An exposed S3 bucket, with a common name, was exposed in 13 hours. An S3 bucket, referenced in a Github repo, was exposed in 7 hours.

NephoSec TrūQuery™ brings additional functionality and value to your chosen CNAPP or Cloud Native tooling by looking from the outside in at your highest risk Cloud Resources that are vulnerable to attacks. 

Click here to try TruQuery™ for free!

  • Immediate validation of public access to storage containers upon launch or change
  • Multi-Cloud Coverage via ICS Bots – AWS / Azure / GCP
  • AWS Only Coverage – CloudWatch activates Public Storage Validation API. 
  • Confirmation email is sent post public validation with list of the first 5 contained objects to prioritize container remediation

Available Now!

Cloud Storage Public Access API

Test each of your organization’s Cloud Storage Containers on launch and drift to know for sure whether they can be accessed publicly

Pen Test Analysis:

  • Is Container reachable via public internet access?
  • List contained objects if accessible

Supported Platforms: AWS, Azure, & GCP

  • API consumed testing of internet facing resources
  • Vulnerability notification on launch and drift
  • Reduce false positives…focus on the highest risk vulnerabilities

Cloud Compute Public Access & Vulnerabilities

Test each of your organization’s Cloud Compute Instances on launch and drift to know for sure whether they can be reached publicly

Pen Test Analysis:

  • Is Compute Instance  reachable via public internet access?
  • List accessible Ports & Known Vulnerabilities

Supported Platforms: AWS, Azure, & GCP

Click here to try TruQuery™ for free!

NephoSec’s InsightCloudSec Value Acceleration
NephoSec’s Wiz Value Acceleration