Posted On: Dec 8, 2022

Today, Amazon IoT Device Defender launched a new audit check, "IoT policy potentially misconfigured", to identify certain potential misconfigurations in IoT policies. Security misconfigurations such as overly permissive policies are a common root cause of security incidents. With this new audit check in Amazon IoT Device Defender, you can more easily identify flaws, troubleshoot issues, and take the necessary corrective actions.

Amazon IoT Device Defender helps identify IoT policies with permissive allow statements through which devices could gain access to unintended resources. It also inspects deny statements for the MQTT wildcards `+` and `#`, which devices could circumvent simply by using a specific topic string where the wildcard sits. This works because MQTT wildcards do not act as wildcards in Amazon IoT Core policies; they are treated as literal characters, and only the policy wildcard `*` matches arbitrary strings. A deny statement on `topic/admin/#` therefore blocks publishing only to a topic literally named `admin/#`, while an accompanying allow on `topic/*` still grants access to `admin/shutdown`.
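The following is an added example, not code from the announcement or from Amazon IoT Device Defender, that models the policy matching rules described above and lints a policy document for the two conditions the check targets. It assumes a hypothetical account, region and topic layout, and implements only Effect/Action/Resource matching (no condition keys or policy variables).

```python
"""Added example: a toy evaluator for Amazon IoT Core policy resource matching,
plus a linter for the two conditions the announcement describes.  Illustrative
code written for this page, not Device Defender's own audit logic; it models
only the Effect/Action/Resource matching rules of an IoT policy."""
import re

# Constructed policy (hypothetical account, region and topics). The Allow
# covers every topic under devices/; the Deny tries to carve out devices/admin/
# with the MQTT multi-level wildcard '#', which the policy treats as a literal.
ARN = "arn:aws:iot:us-east-1:123456789012:topic/"
MISCONFIGURED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iot:Publish", "Resource": ARN + "devices/*"},
        {"Effect": "Deny", "Action": "iot:Publish", "Resource": ARN + "devices/admin/#"},
    ],
}

# Corrected version: the policy wildcard '*' really does match the subtree.
FIXED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iot:Publish", "Resource": ARN + "devices/*"},
        {"Effect": "Deny", "Action": "iot:Publish", "Resource": ARN + "devices/admin/*"},
    ],
}

# Constructed policy with an overly permissive Allow statement.
PERMISSIVE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
}

MQTT_WILDCARDS = ("+", "#")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def resource_matches(pattern, value):
    """IoT policy wildcard semantics: '*' matches any run of characters and
    '?' matches exactly one; every other character, '+' and '#' included,
    must match literally."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value) is not None


def evaluate(policy, action, resource):
    """Return True if the request is allowed: an explicit Deny wins, otherwise
    at least one Allow must match, otherwise the default is deny."""
    allowed = False
    for stmt in policy["Statement"]:
        if not any(resource_matches(a, action) for a in _as_list(stmt["Action"])):
            continue
        if not any(resource_matches(r, resource) for r in _as_list(stmt["Resource"])):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def audit(policy):
    """Flag (1) Deny resources containing an MQTT wildcard, which match only
    the literal topic and can be sidestepped, and (2) Allow statements that
    grant every iot: action on every resource."""
    findings = []
    for i, stmt in enumerate(policy["Statement"]):
        actions = _as_list(stmt["Action"])
        resources = _as_list(stmt["Resource"])
        if stmt["Effect"] == "Deny":
            for r in resources:
                if any(w in r for w in MQTT_WILDCARDS):
                    findings.append(
                        f"statement {i}: Deny on {r!r} uses an MQTT wildcard; "
                        "it matches only that literal string, use '*' instead")
        elif stmt["Effect"] == "Allow":
            if any(a in ("*", "iot:*") for a in actions) and "*" in resources:
                findings.append(f"statement {i}: Allow grants every action on every resource")
    return findings


if __name__ == "__main__":
    target = ARN + "devices/admin/shutdown"
    print("misconfigured allows admin publish:", evaluate(MISCONFIGURED_POLICY, "iot:Publish", target))
    print("fixed allows admin publish:", evaluate(FIXED_POLICY, "iot:Publish", target))
    for policy in (MISCONFIGURED_POLICY, FIXED_POLICY, PERMISSIVE_POLICY):
        print(audit(policy))
```

Run as a script, the misconfigured policy lets a device publish to `devices/admin/shutdown` because the Deny only matches the literal resource ending in `admin/#`, and the linter reports that statement; the fixed policy denies the publish and produces no findings. The Deny with `#` is effectively dead code: MQTT clients cannot publish to a topic name containing `#` or `+` in the first place, so the statement never fires for any real request.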

This feature is available in all regions where Amazon IoT Device Defender is available, including Amazon Web Services China (Beijing) region, operated by Sinnet, and Amazon Web Services China (Ningxia) region, operated by NWCD.

If you already use Amazon IoT Device Defender, you can enable the new audit check in the Amazon IoT console. If you are new to Amazon IoT Device Defender, you can improve the security posture of your IoT devices with the one-click setup in the Amazon IoT console. For more information, refer to the Amazon IoT Device Defender documentation.