Critical

Ensure there is no unrestricted inbound access to TCP port 22 (SSH)

Security & Compliance
ISO 27001
PCI-DSS
HITRUST
NIST 800-53
CIS
CISAWSF
APRA
MAS
NIST4
AWS Well-Architected Framework
Description

A security group controls and limits the network access to your VPC or resource. Port 22 (SSH) allows remote connection and control over a resource. Therefore, it is recommended NOT to allow access from the internet threw this port, and limit it using security groups. Allowing unrestricted SSH access can increase opportunities for malicious activity such as hacking, man-in-the-middle attacks (MITM) and brute-force attacks. Ensuring your security groups allow inbound access to port 22 (SSH) to only IP addresses that require it can reduce this kind of risk.

Remediation

Review your security groups inbound rules and in case SSH access is required, limit it to only specific IP addresses that require it and not for all.

Enforced Resources
Security Group
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.