
Imperva Security Update - snug
https://www.imperva.com/blog/ceoblog/
======
snug
> Some key decisions made during the AWS evaluation process, taken together,
> allowed information to be exfiltrated from a database snapshot. These were:
> (1) we created a database snapshot for testing; (2) an internal compute
> instance that we created was accessible from the outside world and it
> contained an AWS API key; (3) this compute instance was compromised and the
> AWS API key was stolen; and (4) the AWS API key was used to access the
> snapshot.

~~~
bifrost
This is why DLP and access controls are so important. Its a total noob
mistake, especially for a security company.

