My journey on finding and reporting databases with sensitive data about Fortune-500 companies, Hospitals, Crypto platforms, Startups during due diligence, and more. Table Of Contents OverviewBackgroundMy HypothesisScanningBI & Automation: From thousands to hundredsExamples of data I foundConclusionOverviewIt is easy to find misconfigured assets on cloud services, by scanning the CIDR blocks (IP ra
![How I Discovered Thousands of Open Databases on AWS](https://cdn-ak-scissors.b.st-hatena.com/image/square/77e699c360817bf5e4abad8de224b752a5d3b040/height=288;version=1;width=512/https%3A%2F%2Fmiro.medium.com%2Fv2%2Fresize%3Afit%3A1200%2F1%2ANxOo3DS3ZzyWxGvxSwIqyw.png)