Data Exposure
- Exposure
What was exposed?
What caused the exposure? An application defect? A database misconfiguration?
How was the exposure discovered?
Duration of the exposure, with timestamps for when it began and when it was closed?
What is the application for? What data does it hold, and which of that data was exposed?
Has a copy of the exposed data set been obtained, so the scope can be confirmed rather than assumed?
- Abuse
Who accessed the data during the exposure window?
What was accessed during the exposure window?
Validate that any copies taken by unauthorized users have been deleted.
- Lights On
Has the application behaviour or misconfiguration that caused the exposure been stopped?
Is the application fixed and back up?
How much service downtime was there?
- Controls
What access controls were in place?
What kind of logging was in place?
What monitoring was in place?
What endpoint security controls were in place?
- Hygiene
What assets are in scope?
What does the data flow look like? Are there design documents?
What are the ingress/egress points?
- Compliance - Legal
Is the data PCI, PII, financial, or strategic?
Vendor involvement?
Legal requirements?
Communications?
- Remediations
What are the new security controls?
Have the new security controls been reviewed or tested?
Additional questions should be expected as information is reviewed.
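The Exposure and Abuse questions above (duration with timestamps, who accessed what during the exposure) are normally answered from access logs. The script below is an added example, not part of the original checklist: given an exposure window and the set of principals who were authorized to read the exposed path, it filters access-log lines to successful requests for that path inside the window and reports which unauthenticated or unauthorized principals retrieved which records. The log lines, the combined-log-style format with a user field, the window boundaries, the authorized set, and the `/api/customers/` prefix are all constructed for illustration.

```python
"""Scope who retrieved what during an exposure window.

Added example, not from the original checklist. All inputs below are
constructed: the log format, the principals, the window and the path.
"""
from __future__ import annotations

import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample log: combined-log style with an authenticated user field
# ("-" when the request was unauthenticated).
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Mar/2024:08:55:10 +0000] "GET /api/customers/42 HTTP/1.1" 200 512
203.0.113.9 - - [12/Mar/2024:09:03:27 +0000] "GET /api/customers/42 HTTP/1.1" 200 512
203.0.113.9 - - [12/Mar/2024:09:04:01 +0000] "GET /api/customers/43 HTTP/1.1" 200 498
203.0.113.9 - - [12/Mar/2024:09:04:05 +0000] "GET /static/app.js HTTP/1.1" 200 2048
198.51.100.7 - - [12/Mar/2024:09:30:44 +0000] "GET /api/customers/export HTTP/1.1" 200 91233
10.0.0.5 - alice [12/Mar/2024:09:45:00 +0000] "GET /api/customers/44 HTTP/1.1" 200 530
10.0.0.5 - alice [12/Mar/2024:10:15:02 +0000] "GET /api/customers/45 HTTP/1.1" 200 530
203.0.113.9 - - [12/Mar/2024:11:00:00 +0000] "GET /api/customers/42 HTTP/1.1" 401 0
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+)'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Hypothetical exposure window: misconfiguration deployed at 09:00, reverted at 10:00 UTC.
WINDOW_START = datetime(2024, 3, 12, 9, 0, 0, tzinfo=timezone.utc)
WINDOW_END = datetime(2024, 3, 12, 10, 0, 0, tzinfo=timezone.utc)
AUTHORIZED = {"alice"}          # principals allowed to read the exposed path
SENSITIVE_PREFIX = "/api/customers/"


def parse_line(line: str) -> dict | None:
    """Parse one log line; return None for lines that do not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)   # tz-aware timestamp
    rec["status"] = int(rec["status"])
    rec["bytes"] = int(rec["bytes"])
    return rec


def exposure_report(log_text: str, window_start: datetime, window_end: datetime,
                    authorized: set[str], sensitive_prefix: str):
    """Return (duration_seconds, unauthorized_access, authorized_access).

    Only successful (2xx) requests for the sensitive path inside the window
    count as retrievals; denied requests show attempts, not data leaving.
    """
    unauthorized: dict[str, list[str]] = defaultdict(list)
    authorized_hits: dict[str, list[str]] = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if not (window_start <= rec["ts"] <= window_end):
            continue                                   # outside the exposure window
        if not rec["path"].startswith(sensitive_prefix):
            continue                                   # not the exposed data
        if not 200 <= rec["status"] < 300:
            continue                                   # request was denied or failed
        if rec["user"] in authorized:
            authorized_hits[rec["user"]].append(rec["path"])
        else:
            # Unauthenticated requests are attributed to the source IP.
            principal = rec["user"] if rec["user"] != "-" else rec["ip"]
            unauthorized[principal].append(rec["path"])
    duration = (window_end - window_start).total_seconds()
    return duration, dict(unauthorized), dict(authorized_hits)


def run_sample():
    """Run the report over the constructed sample with the assumed window."""
    return exposure_report(SAMPLE_LOG, WINDOW_START, WINDOW_END,
                           AUTHORIZED, SENSITIVE_PREFIX)


if __name__ == "__main__":
    duration, unauth, auth = run_sample()
    print(f"exposure window: {duration / 3600:.1f} h")
    for principal, paths in unauth.items():
        print(f"UNAUTHORIZED {principal}: {', '.join(paths)}")
    for principal, paths in auth.items():
        print(f"authorized   {principal}: {', '.join(paths)}")
```

The window boundaries come from the change that introduced the misconfiguration and the change that reverted it, which is why the checklist asks for both timestamps. Anything logged as 401/403 inside the window is evidence of attempts rather than retrieval; a 200 with a non-zero byte count for an exported path (the `export` line above) is the record that tells you a bulk copy left, and is what the "validate copies are deleted" step has to chase.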