AWS IoT Device Defender Adds Four New Checks to its Audit Capability

By GIXnews

You can now use AWS IoT Device Defender Audit to check for devices in your fleet that: (1) have overly permissive permissions (e.g., admin permissions, access to metadata actions, data plane actions, or security auditing services); (2) have access to services that haven’t been used in over 365 days; (3) use OpenSSL versions on Debian-based operating systems that have been identified as having predictable cryptographic keys making them susceptible to brute force attacks; or (4) use Infineon RSA library versions that have been identified to mishandle RSA key generation making them susceptible to hacking.

Source:: Amazon AWS