loading
Loading content
loading
A cloud misconfiguration is a deployment setting that weakens security without any software bug behind it. Common examples include an S3 bucket or storage container left world-readable, a security group that opens a database port to the internet, an over-broad IAM policy, an unencrypted volume, or audit logging switched off. The platform behaves exactly as configured; the configuration just hands an attacker more access than intended.
Misconfigurations dominate cloud incidents because the surface changes constantly and the default friendly settings often favor convenience over safety. A single public bucket can leak customer records, and an exposed management port invites brute force against credentials. The shared responsibility model puts these settings on the customer, so they slip past teams that assume the provider handles security.
This is one of the most productive findings in exposure management work because it is reachable from the open internet and needs no exploit, only discovery. Identity-specific cases fall under IAM misconfiguration, and an exposed metadata endpoint enables a cloud metadata attack. Tracking these at scale is the job of cloud security posture management.
In a Trickest workflow you enumerate cloud assets, probe storage and network exposure, and check posture against expected baselines on a schedule so a newly opened resource surfaces in the next run.
Related terms