TF 0431 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Missing description for security group.
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | computing |
| Provider | Nifcloud |
Description
The security group resource is missing a meaningful description, which reduces clarity about the purpose or intent of the firewall rule. This omission makes it harder to audit, manage, and understand security group configurations.
Impact
Without descriptive context, administrators may struggle to identify the purpose of security groups, increasing the risk of misconfiguration, accidental exposure, or difficulty in incident response and compliance audits.
Resolution
Add descriptions for all security groups