Neptune storage must be encrypted at rest
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | neptune |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
Neptune storage is not configured to use encryption at rest, meaning data stored on disk is left unprotected. This exposes sensitive information if the underlying storage media is accessed or compromised.
Impact#
Without encryption, attackers gaining access to Neptune storage disks could read all stored data, leading to potential data breaches, regulatory violations, and loss of sensitive or proprietary information.
Resolution#
Enable encryption of Neptune storage