Technology Definitions
Cloud Computing

Misconfiguration

Definition

A cloud misconfiguration is an error in the setup of a cloud asset that leaves it vulnerable to attack. This can include incorrect settings, overly permissive policies, or failure to follow security best practices.

Why It Matters

Misconfigurations are the most common cause of cloud security incidents. Even on a secure cloud platform, a simple user error in configuration can expose sensitive data to the entire internet.

Contextual Example

A classic and frequent misconfiguration is an S3 bucket in AWS being accidentally set to "public", making all of its contents readable by anyone on the internet. Another is a firewall rule that allows unrestricted access from `0.0.0.0/0`.

Common Misunderstandings

  • Cloud Security Posture Management (CSPM) tools are designed to automatically detect and alert on these misconfigurations.
  • This falls under the customer's responsibility in the Shared Responsibility Model.

Related Terms

Cloud Security Posture ManagementShared Responsibility ModelCloud Security

Last Updated: December 17, 2025