AC_AZURE_0143 | Ensure that 'Unattached disks' are encrypted in Azure Managed Disk | Azure | Data Protection | MEDIUM |
AC_AWS_0161 | Ensure deletion window for Customer Managed Keys (CMK) is enabled for AWS Key Management Service (KMS) | AWS | Security Best Practices | HIGH |
S3_AWS_0006 | Ensure bucket policy is enforced with least privileges for all AWS S3 buckets - Terraform Version 1.x | AWS | Identity and Access Management | HIGH |
AC_AWS_0420 | Ensure there is no policy with Empty array Condition | AWS | Identity and Access Management | LOW |
AC_AZURE_0386 | Ensure That 'Notify about alerts with the following severity' is Set to 'High' | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0378 | Ensure that Azure Active Directory Admin is configured | Azure | Identity and Access Management | HIGH |
AC_AZURE_0371 | Ensure 'Trusted Microsoft Services' are Enabled for Storage Account Access | Azure | Infrastructure Security | HIGH |
AC_AZURE_0380 | Ensure no SQL Databases allow ingress 0.0.0.0/0 (ANY IP) | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0239 | Ensure That 'All users with the following roles' is set to 'Owner' | Azure | Logging and Monitoring | MEDIUM |
S3_AWS_0012 | Ensure AWS S3 Buckets are not world-listable for anonymous users - Terraform Version 1.x | AWS | Identity and Access Management | HIGH |
AC_AZURE_0406 | Ensure that Advanced Threat Protection (ATP) on a SQL Server is Set to 'Enabled' | Azure | Infrastructure Security | HIGH |
AC_AWS_0096 | Ensure encryption is enabled for AWS EFS file systems | AWS | Data Protection | HIGH |
S3_AWS_0013 | Ensure there are no world-writeable AWS S3 Buckets - Terraform Version 1.x | AWS | Identity and Access Management | HIGH |
S3_AWS_0014 | Ensure there are no world-readable AWS S3 Buckets - Terraform Version 1.x | AWS | Identity and Access Management | HIGH |
S3_AWS_0001 | Ensure at-rest server side encryption (SSE) is enabled using AWS KMS for AWS S3 Buckets - Terraform Version 1.x | AWS | Data Protection | HIGH |
AC_AZURE_0285 | Ensure that SSH access is restricted from the internet | Azure | Infrastructure Security | HIGH |
S3_AWS_0002 | Ensure at-rest server side encryption (SSE) is enabled using default encryption keys for AWS S3 Buckets - Terraform Version 1.x | AWS | Data Protection | HIGH |
S3_AWS_0015 | Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.x | AWS | Data Protection | HIGH |
AC_AZURE_0419 | Ensure that Network Security Group Flow Log retention period is 'greater than 90 days' | Azure | Resilience | MEDIUM |
AC_AWS_0132 | Ensure no root user account access key exists | AWS | Identity and Access Management | HIGH |
AC_AZURE_0342 | Ensure that RDP access is restricted from the internet | Azure | Infrastructure Security | HIGH |
AC_AZURE_0357 | Ensure that UDP Services are restricted from the Internet | Azure | Infrastructure Security | HIGH |
AC_AZURE_0169 | Ensure that logging for Azure KeyVault is 'Enabled' | Azure | Logging and Monitoring | HIGH |
S3_AWS_0005 | Ensure MFA Delete is enabled on S3 buckets - Terraform Version 1.x | AWS | Security Best Practices | HIGH |
AC_AWS_0209 | Ensure MFA Delete is enabled on S3 buckets | AWS | Security Best Practices | HIGH |
AC_AWS_0207 | Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null | AWS | Data Protection | HIGH |
S3_AWS_0003 | Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.x | AWS | Data Protection | HIGH |
AC_AWS_0552 | Ensure MFA is enabled for the "root user" account | AWS | Compliance Validation | HIGH |
AC_AWS_0033 | Ensure CloudTrail logs are encrypted at rest using KMS CMKs | AWS | Logging and Monitoring | HIGH |
AC_AWS_0080 | Ensure EBS volume encryption is enabled | AWS | Data Protection | HIGH |
AC_AWS_0034 | Ensure CloudTrail is enabled in all regions | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0160 | Ensure rotation for customer created CMKs is enabled | AWS | Data Protection | HIGH |
AC_AWS_0369 | Ensure VPC flow logging is enabled in all VPCs | AWS | Logging and Monitoring | LOW |
AC_AWS_0427 | Ensure hardware MFA is enabled for the "root user" account | AWS | Compliance Validation | HIGH |
AC_AWS_0038 | Ensure CloudTrail trails are integrated with CloudWatch Logs | AWS | Logging and Monitoring | MEDIUM |