
In 2018 I added S3 bucket monitoring to my SaaS, Cronitor.io, but we eventually retired it because AWS seems mostly to have solved this.

It’s hard in the console to make buckets public, it’s obvious when they are, and Amazon sends emails about public buckets just in case you’re not using the console.



There is the AWS S3 service and the S3 protocol. While I agree all AWS S3 buckets are usually created without public access by default, I can't say for other providers offering S3-compatible storage services.

You still have the risk that someone somewhere is using some random copy/pasted Terraform/CloudFormation recipes or AWS CLI commands that grant public access on an account that is bound to an email address nobody ever reads without realizing the consequences.


Yes, good points!



