AC_K8S_0086 | The default namespace should not be used | Kubernetes | Security Best Practices | LOW |
AC_K8S_0099 | Ensure Memory request is set for Kubernetes workloads | Kubernetes | Security Best Practices | MEDIUM |
AC_K8S_0100 | Ensure Memory request is set for Kubernetes workloads | Kubernetes | Security Best Practices | MEDIUM |
S3_AWS_0016 | Ensure MFA Delete is enabled on S3 buckets - Terraform Version 1.x | AWS | Security Best Practices | HIGH |
AC_AWS_0031 | Ensure only lower case letters are in use for resource in AWS IAM Policy | AWS | Security Best Practices | LOW |
AC_AWS_0070 | Ensure auto minor version upgrade is enabled for AWS Database Migration Service (DMS) instances | AWS | Security Best Practices | MEDIUM |
AC_AWS_0197 | Ensure KMS customer managed key (CMK) for encryption of AWS Redshift clusters | AWS | Security Best Practices | HIGH |
AC_AWS_0209 | Ensure MFA Delete is enable on S3 buckets | AWS | Security Best Practices | HIGH |
AC_AWS_0404 | Ensure Principal is removed from all AWS Organization policies | AWS | Security Best Practices | LOW |
AC_AWS_0405 | Ensure NotPrincipal is removed from all AWS Organization policies | AWS | Security Best Practices | LOW |
AC_AWS_0410 | Ensure wildcards(*) are only at end of strings in Action of AWS Organization policies | AWS | Security Best Practices | LOW |
AC_AWS_0425 | Ensure root access is disabled for AWS SageMaker Notebook instances | AWS | Security Best Practices | HIGH |
AC_AWS_0447 | Ensure image tag is immutable for Amazon Elastic Container Registry (Amazon ECR) Repository | AWS | Security Best Practices | MEDIUM |
AC_AWS_0448 | Ensure log retention period of at least 90 days retention period for AWS CloudWatch Log Group | AWS | Security Best Practices | HIGH |
AC_AWS_0561 | Ensure a log metric filter and alarm exist for IAM policy changes | AWS | Security Best Practices | HIGH |
AC_AWS_0562 | Ensure a log metric filter and alarm exist for CloudTrail configuration changes | AWS | Security Best Practices | HIGH |
AC_AWS_0568 | Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL) | AWS | Security Best Practices | HIGH |
AC_AWS_0569 | Ensure a log metric filter and alarm exist for changes to network gateways | AWS | Security Best Practices | HIGH |
AC_AWS_0572 | Ensure a log metric filter and alarm exists for AWS Organizations changes | AWS | Security Best Practices | HIGH |
AC_AWS_0606 | Ensure MFA Delete is enabled on S3 buckets | AWS | Security Best Practices | HIGH |
AC_AZURE_0109 | Ensure public IP addresses are not assigned to Azure Linux Virtual Machines | Azure | Security Best Practices | HIGH |
AC_AZURE_0115 | Ensure that authentication feature is enabled for Azure Linux Function App | Azure | Security Best Practices | LOW |
AC_AZURE_0183 | Ensure consistency level is NOT set to 'Eventual' for Azure CosmosDB Account | Azure | Security Best Practices | LOW |
AC_AZURE_0194 | Ensure that Register with Azure Active Directory is enabled on App Service | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0290 | Ensure that Azure policies add-on are used for Azure Kubernetes Cluster | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0360 | Ensure automatic OS upgrades are enabled for Azure Virtual Machine Scale Set | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0416 | Ensure that traffic analytics is enabled via Azure Network Watcher Flow Log | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0569 | Ensure that Register with Azure Active Directory is enabled on App Service - azurerm_windows_web_app | Azure | Security Best Practices | MEDIUM |
AC_GCP_0275 | Ensure multi-factor authentication is enabled for Google Compute Project Metadata | GCP | Security Best Practices | LOW |
AC_GCP_0281 | Ensure That Compute Instances Have Confidential Computing Enabled | GCP | Security Best Practices | MEDIUM |
AC_GCP_0294 | Ensure the number of instances running simultaneously are limited for Google App Engine Standard App Version | GCP | Security Best Practices | LOW |
AC_K8S_0050 | Ensure custom snippets annotations is not set to true for Ingress-nginx controller deployment's Kubernetes Config Map | Kubernetes | Security Best Practices | HIGH |
AC_K8S_0097 | Ensure CPU request is set for Kubernetes workloads | Kubernetes | Security Best Practices | MEDIUM |