Tuesday, September 21, 2021
HomeTechnologyLightspin: 46% of AWS S3 buckets could be misconfigured and unsafe

Lightspin: 46% of AWS S3 buckets could be misconfigured and unsafe

Lightspin: 46% of AWS S3 buckets could be misconfigured and unsafe

Elevate your technology and enterprise data strategy to Transform 2021.

Bad cloud configurations put organizations at significant risk, according to a new analysis of Amazon Web Services (AWS) Simple Storage Service (S3) buckets from Lightspin, a cloud security provider. Extensive research of 40,000 AWS buckets and their cloud storage permissions revealed that 46% of AWS S3 buckets could be misconfigured and therefore should be considered unsafe, Lightspin said.

S3 configuration errors are a big problem

Above: A diagram that explains how AWS assesses access and assigns definitions to objects in S3 buckets.

Image Credit: Lightspin

Poorly configured S3 buckets can open up your cloud environment to an enormous level of risk. Public read access can lead to a data breach, while public write access can launch malware or encrypt data to hold your business ransom.

Some AWS cloud storage permissions are currently complex and even obtuse, because one of the AWS access options is defined as “Objects Can Be Public”. Because AWS evaluates the access permissions of all files at the bucket level, rather than at the object level, an object’s ACL is ignored. In short, the definition “Objects can be public” does not allow organizations to definitively understand whether their objects are accessible or not. The diagram above can help visualize which objects would be assigned to this classification.

Lightspin’s research found that over 40% of AWS S3 buckets have this definition attached, in addition to the 4% that are defined as public. As part of this research, the company created a free, open-source Python tool that analyzes the entire cloud environment and clarifies which objects are public and which are not.

Read Lightspin’s comprehensive research on the risks of misconfigured S3 buckets.


VentureBeat’s mission is to be a digital public place for technical decision-makers to learn about transformative technology and conduct transactions. Our site provides essential information on data technologies and strategies to guide you in managing your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the topics that interest you
  • our newsletters
  • Closed thought leader content and discounted access to our popular events, such as Transform 2021: Learn more
  • networking features, and more

Become a member




Please enter your comment!
Please enter your name here

Most Popular

Recent Comments