Fog Security has released YES3 Scanner, an open-source tool designed to address critical Amazon S3 security misconfigurations and enhance ransomware prevention. This tool emerges amidst a heightened focus on supply-chain attacks, cloud ransomware, and cryptocurrency attacks exploiting compromised S3 static website hosting, aiming to overcome limitations found in existing security solutions.
YES3 Scanner evaluates S3 buckets for over 10 security settings across S3 and AWS accounts, and aims to avoid the false positives and misleading results that other tools produce. It identifies the mechanisms that could expose S3 data publicly, including Access Control Lists (ACLs), bucket policies, and bucket website hosting.
Beyond detecting public access, the scanner reports on preventative controls such as Account Block Public Access and Bucket Block Public Access, and on essential security settings like bucket encryption. For ransomware protection, it details bucket versioning, Object Lock configurations, and lifecycle configurations that could inadvertently lead to data deletion.
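
The checks described above interact: a public ACL or policy is only an effective exposure when Block Public Access does not neutralize it, which is a common source of false positives. The sketch below is an added example, not YES3 Scanner's code; `assess`, the `cfg` layout and the sample bucket are assumptions, with the inner dictionaries shaped like the corresponding S3 API responses.

```python
# Added example: offline assessment of one bucket's settings (not YES3 Scanner code).
# Inner dicts mirror S3 API response shapes; the cfg layout itself is hypothetical.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
BPA_KEYS = ("IgnorePublicAcls", "RestrictPublicBuckets")

def _wild(principal):
    if principal == "*":
        return True
    aws = principal.get("AWS") if isinstance(principal, dict) else None
    return "*" in (aws if isinstance(aws, list) else [aws])

def policy_allows_public(policy):
    """Simplification: an Allow to a wildcard principal with no Condition is public."""
    sts = policy.get("Statement", [])
    sts = [sts] if isinstance(sts, dict) else sts
    return any(s.get("Effect") == "Allow" and _wild(s.get("Principal"))
               and not s.get("Condition") for s in sts)

def assess(cfg, account_bpa):
    # A Block Public Access flag is in force if set at account OR bucket level.
    bpa = {k: bool(account_bpa.get(k) or cfg.get("bpa", {}).get(k)) for k in BPA_KEYS}
    acl_public = any(g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS
                     for g in cfg.get("acl_grants", []))
    deleting = [r.get("ID") for r in cfg.get("lifecycle_rules", [])
                if r.get("Status") == "Enabled"
                and ("Expiration" in r or "NoncurrentVersionExpiration" in r)]
    return {
        "public_via_acl": acl_public and not bpa["IgnorePublicAcls"],
        "public_via_policy": policy_allows_public(cfg.get("policy", {}))
                             and not bpa["RestrictPublicBuckets"],
        "website_hosting": bool(cfg.get("website")),
        "versioning": cfg.get("versioning", {}).get("Status") == "Enabled",
        "object_lock": cfg.get("object_lock", {}).get("ObjectLockEnabled") == "Enabled",
        "deleting_lifecycle_rules": deleting,
    }

# Constructed sample bucket: public ACL (ignored by BPA), public policy, no versioning.
SAMPLE = {
    "acl_grants": [{"Grantee": {"Type": "Group",
                    "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
                    "Permission": "READ"}],
    "policy": {"Statement": [{"Effect": "Allow", "Principal": "*",
               "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]},
    "bpa": {"IgnorePublicAcls": True},
    "website": {"IndexDocument": {"Suffix": "index.html"}},
    "versioning": {"Status": "Suspended"},
    "lifecycle_rules": [{"ID": "purge", "Status": "Enabled", "Expiration": {"Days": 1}}],
}
```

For the sample bucket, `assess(SAMPLE, {})` reports the ACL as not exposing data because `IgnorePublicAcls` is set, while the policy still does; passing `{"RestrictPublicBuckets": True}` as the account-level setting clears the policy finding as well.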