Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AWS_0616Ensure Code Signing is enabled for AWS Lambda functionsAWSData Protection
HIGH
AC_AZURE_0079Ensure that 'Unattached disks' are encrypted with 'Customer Managed Key' (CMK)AzureData Protection
MEDIUM
AC_AZURE_0152Ensure disk encryption is enabled for Azure Linux Virtual Machine Scale SetAzureData Protection
MEDIUM
AC_AZURE_0163Ensure that the Expiration Date is set for all Secrets in RBAC Key VaultsAzureData Protection
HIGH
AC_AZURE_0167Ensure the Key Vault is RecoverableAzureData Protection
MEDIUM
AC_AWS_0056Ensure automatic minor version upgrade is enabled for Amazon Relational Database Service (Amazon RDS) instancesAWSData Protection
HIGH
AC_AWS_0068Ensure public access is disabled for AWS Database Migration Service (DMS) instancesAWSData Protection
HIGH
AC_AWS_0093Ensure potential AWS_ACCESS_KEY_ID information is not disclosed in container definition for AWS ECS serviceAWSData Protection
HIGH
AC_AWS_0094Ensure potential CLIENT_ID information is not disclosed in container definition for AWS ECS serviceAWSData Protection
HIGH
AC_AWS_0111Ensure KMS customer managed keys are used for encryption for AWS ElasticSearch DomainsAWSData Protection
MEDIUM
AC_AWS_0128Ensure S3 encryption configuration is configured for AWS Glue CrawlersAWSData Protection
MEDIUM
AC_AWS_0129Ensure CloudWatch log encryption is enabled for AWS Glue CrawlersAWSData Protection
MEDIUM
AC_AWS_0155Ensure at-rest server side encryption (SSE) is enabled for data stored in AWS Kinesis ServerAWSData Protection
HIGH
AC_AWS_0157Ensure KMS customer managed keys are used for encryption in AWS Kinesis StreamsAWSData Protection
HIGH
AC_AWS_0207Ensure S3 bucket encryption 'kms_master_key_id' is not empty or nullAWSData Protection
HIGH
AC_AWS_0208Ensure at-rest server side encryption (SSE) is enabled using default encryption keys for AWS ECR RepositoryAWSData Protection
MEDIUM
AC_AWS_0372Ensure root volumes are encrypted for the AWS WorkspacesAWSData Protection
MEDIUM
AC_AWS_0381Ensure public access is disabled for AWS Neptune cluster instancesAWSData Protection
MEDIUM
AC_AWS_0429Ensure at-rest server side encryption (SSE) is enabled using AWS KMS for AWS S3 BucketsAWSData Protection
HIGH
AC_AWS_0468Ensure encryption is enabled for AWS Athena DatabaseAWSData Protection
HIGH
AC_AWS_0547Ensure there is an encrypted connection between AWS CloudFront server and Origin serverAWSData Protection
HIGH
AC_AWS_0592Ensure that encryption is enabled for EFS file systemsAWSData Protection
HIGH
AC_AZURE_0021Ensure Soft Delete is Enabled for Azure Containers and Blob StorageAzureData Protection
MEDIUM
AC_AZURE_0028Ensure that the Expiration Date is set for all Keys in Non-RBAC Key Vaults.AzureData Protection
HIGH
AC_AZURE_0036Ensure the storage account containing the container with activity logs is encrypted with Customer Managed KeyAzureData Protection
MEDIUM
AC_AZURE_0143Ensure that 'Unattached disks' are encrypted in Azure Managed DiskAzureData Protection
MEDIUM
AC_AZURE_0197Ensure custom script extensions are not used in Azure Windows Virtual MachineAzureData Protection
MEDIUM
AC_AZURE_0200Ensure custom script extensions are not used in Azure Virtual MachineAzureData Protection
MEDIUM
AC_AZURE_0233Ensure the storage account containing the container with activity logs is encrypted with BYOK (Use Your Own Key)AzureData Protection
MEDIUM
AC_AZURE_0241Ensure that 'Data encryption' is set to 'On' on a SQL DatabaseAzureData Protection
MEDIUM
AC_AZURE_0294Ensure encryption is enabled for Azure Data Lake StoreAzureData Protection
MEDIUM
AC_AZURE_0299Ensure that Azure Data Explorer uses disk encryption in Azure Kusto ClusterAzureData Protection
MEDIUM
AC_AZURE_0317Ensure that string variables are encrypted for Azure Automation VariableAzureData Protection
MEDIUM
AC_AZURE_0319Ensure that date-time variables are encrypted for Azure Automation VariableAzureData Protection
MEDIUM
AC_AZURE_0325Ensure that Microsoft Defender for Storage is set to 'On'AzureData Protection
MEDIUM
AC_AZURE_0326Ensure that Microsoft Defender for SQL servers on machines is set to 'On'AzureData Protection
MEDIUM
AC_AZURE_0348Ensure that 'OS and Data' disks are encrypted with Customer Managed Key (CMK) - azurerm_windows_virtual_machine_scale_setAzureData Protection
MEDIUM
AC_AZURE_0367Ensure Soft Delete is Enabled for Azure StorageAzureData Protection
MEDIUM
AC_AZURE_0548Ensure disk encryption is enabled for Azure Linux Virtual MachineAzureData Protection
MEDIUM
AC_AZURE_0551Ensure geo-redundant backups are enabled for Azure MySQL Flexible ServerAzureData Protection
HIGH
AC_AZURE_0561Ensure Virtual Machines are utilizing Managed DisksAzureData Protection
MEDIUM
AC_GCP_0229Ensure VM Disks for Critical VMs Are Encrypted With Customer-Supplied Encryption Keys (CSEK)GCPData Protection
MEDIUM
AC_K8S_0043Ensure that the API Server only makes use of Strong Cryptographic CiphersKubernetesData Protection
MEDIUM
AC_AWS_0052Ensure automated backups are enabled for Amazon Relational Database Service (Amazon RDS) instancesAWSData Protection
HIGH
AC_AWS_0053Ensure IAM authentication is enabled for Amazon Relational Database Service (Amazon RDS) instancesAWSData Protection
MEDIUM
AC_AWS_0071Ensure encryption at rest is enabled for AWS DocumentDB clustersAWSData Protection
MEDIUM
AC_AWS_0078Ensure customer managed keys (CMK) are used for server side encryption (SSE) of AWS DyanamoDB tablesAWSData Protection
MEDIUM
AC_AWS_0079Ensure default encryption is enabled for AWS EBS VolumesAWSData Protection
HIGH
AC_AWS_0089Ensure potential DATABASE information is not included in container definition for AWS ECS serviceAWSData Protection
HIGH
AC_AWS_0090Ensure SECRET information is not included in container definition for AWS ECS serviceAWSData Protection
HIGH