Maintained with ☕️ by
IcePanel logo

AWS IoT Device Defender Audit feature now identifies potential misconfiguration in IoT Policies

Share

Services

Today, [AWS IoT Device Defender](/iot-device-defender/) launched a new audit check AWS IoT policy potentially misconfigured to identify certain potential misconfigurations in IoT policies. Security misconfigurations such as overly permissive policies can be a major cause of security incidents. With this new audit check in AWS IoT Device Defender, you can now more easily identify flaws, troubleshoot issues, and take the necessary corrective actions. AWS IoT Device Defender helps in identifying IoT policies with permissive allow statements where devices could get access to unintended resources. It also inspects for use of MQTT wildcards in deny statements that could potentially be circumvented by devices when replacing wildcards with specific strings. This happens because [MQTT wildcards don’t act as wildcard in IoT Core policies](https://docs.aws.amazon.com/iot/latest/developerguide/pub-sub-policy.html#pub-sub-policy-cert) and are instead treated as literal strings. This feature is available in all regions where AWS IoT Device Defender is available. If you use AWS IoT Device Defender, you can enable [the new audit check feature here](https://console.aws.amazon.com/iot/home#/dd/scheduledAuditsHub). If you are new to AWS IoT Device Defender, you can increase the security posture of your IoT device with [the one-click process in the AWS console](https://console.aws.amazon.com/iot/home#/dd/auditIntro). For more information, refer to AWS IoT Device Defender [documentation](https://docs.aws.amazon.com/iot/latest/developerguide/audit-chk-iot-misconfigured-policies.html).