AC_AZURE_0174 | Ensure 'ReadOnly' cache is enabled on OS disks with read heavy operations to get higher read IOPS for Azure Image | Azure | Compliance Validation | LOW |
AC_AZURE_0225 | Ensure Power BI analysis services are defined for Azure Analysis Services Server | Azure | Compliance Validation | LOW |
AC_AZURE_0257 | Ensure Azure Active Directory (AAD) is configured for Azure Synapse Workspace | Azure | Compliance Validation | MEDIUM |
AC_AZURE_0259 | Ensure point-in-time-restore is enabled for Azure SQL Database | Azure | Compliance Validation | MEDIUM |
AC_AZURE_0331 | Ensure that Microsoft Defender for Endpoint (WDATP) integration with Microsoft Defender for Cloud is selected | Azure | Compliance Validation | MEDIUM |
AC_AZURE_0346 | Ensure provider status is in provisioned state for Azure Express Route Circuit | Azure | Compliance Validation | LOW |
AC_AZURE_0377 | Ensure usage of names like 'Admin' are avoided for Azure SQL Server | Azure | Compliance Validation | MEDIUM |
AC_GCP_0132 | Ensure 'log_duration' database flag for Cloud SQL PostgreSQL instance is set to 'on' | GCP | Compliance Validation | LOW |
AC_GCP_0256 | Ensure that the 'log_temp_files' database flag for Cloud SQL PostgreSQL instance is set to '0' (on) | GCP | Compliance Validation | LOW |
AC_GCP_0298 | Ensure 'log_executor_stats' database flag for Cloud SQL PostgreSQL instance is set to 'off' | GCP | Compliance Validation | LOW |
AC_K8S_0019 | Ensure that the admission control plugin EventRateLimit is set | Kubernetes | Compliance Validation | MEDIUM |
AC_AZURE_0332 | Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' | Azure | Compliance Validation | MEDIUM |
AC_GCP_0100 | Ensure 'log_planner_stats' database flag for Cloud SQL PostgreSQL instance is set to 'off' | GCP | Compliance Validation | LOW |
AC_GCP_0253 | Ensure That the 'Log_disconnections' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'On' | GCP | Compliance Validation | LOW |
AC_GCP_0261 | Ensure 'remote access' database flag for Cloud SQL SQL Server instance is set to 'off' | GCP | Compliance Validation | LOW |
AC_GCP_0296 | Ensure Container-Optimized OS (cos_containerd) is used for GKE node images | GCP | Compliance Validation | LOW |
AC_AWS_0016 | Ensure Auto-scaling is configured for both index and tables in AWS DynamoDb | AWS | Compliance Validation | MEDIUM |
AC_AWS_0082 | Ensure AWS best practices are followed while deciding names for tags in AWS EBS volumes | AWS | Compliance Validation | LOW |
AC_AWS_0105 | Ensure slow logs (index slow logs) are enabled for AWS ElasticSearch Domain | AWS | Compliance Validation | MEDIUM |
AC_AWS_0137 | Eliminate use of the root user for administrative and daily tasks | AWS | Compliance Validation | MEDIUM |
AC_AWS_0187 | Ensure copy tags to snapshots feature is enabled for Amazon Relational Database Service (Amazon RDS) clusters | AWS | Compliance Validation | LOW |
AC_AWS_0190 | Ensure backtracking is enabled for Amazon Relational Database Service (Amazon RDS) cluster | AWS | Compliance Validation | MEDIUM |
AC_AWS_0389 | Ensure feature to compress objects automatically is configured for AWS Cloudfront | AWS | Compliance Validation | LOW |
AC_AWS_0430 | Ensure there are no unnamed AWS EC2 instances | AWS | Compliance Validation | LOW |
AC_AWS_0552 | Ensure MFA is enabled for the "root user" account | AWS | Compliance Validation | HIGH |
AC_AWS_0596 | Ensure credentials unused for 45 days or greater are disabled | AWS | Compliance Validation | LOW |
AC_AZURE_0019 | Ensure that Auto provisioning of 'Vulnerability assessment for machines' is Set to 'On' | Azure | Compliance Validation | MEDIUM |
AC_AZURE_0151 | Ensure LinuxDiagnostic is enabled for Azure Linux Virtual Machine Scale Set | Azure | Compliance Validation | MEDIUM |
AC_AZURE_0173 | Ensure 'ReadOnly' cache is enabled on Data disks with read heavy operations to get higher read IOPS for Azure Image | Azure | Compliance Validation | LOW |
AC_AZURE_0222 | Ensure failing azure functions have email alerts configured for Azure Monitor Action Group | Azure | Compliance Validation | MEDIUM |
AC_AZURE_0269 | Ensure that Accelerated Networking feature is enabled for Azure virtual machines (VMs) | Azure | Compliance Validation | LOW |
AC_AZURE_0369 | Ensure that VM agent is installed on Azure Virtual Machine | Azure | Compliance Validation | LOW |
AC_GCP_0317 | Ensure 'log_statement_stats' database flag for Cloud SQL PostgreSQL instance is set to 'off' | GCP | Compliance Validation | LOW |
AC_K8S_0024 | Ensure that the admission control plugin NamespaceLifecycle is set | Kubernetes | Compliance Validation | MEDIUM |
AC_K8S_0130 | Ensure that the --profiling argument is set to false | Kubernetes | Compliance Validation | MEDIUM |
AC_AWS_0139 | Ensure password policy requires rotation every 60 days or less for AWS IAM Account Password Policy | AWS | Compliance Validation | LOW |
AC_AZURE_0545 | Ensure usage of names like 'Admin' are avoided for Azure SQL Server | Azure | Compliance Validation | MEDIUM |
AC_GCP_0133 | Ensure 'Log_error_verbosity' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'DEFAULT' or Stricter | GCP | Compliance Validation | LOW |
AC_GCP_0250 | Ensure That the 'Local_infile' Database Flag for a Cloud SQL MySQL Instance Is Set to 'Off' | GCP | Compliance Validation | LOW |
AC_GCP_0264 | Ensure 'user Connections' Database Flag for Cloud Sql Sql Server Instance Is Set to a Non-limiting Value | GCP | Compliance Validation | LOW |
AC_GCP_0300 | Ensure that the 'Log_min_messages' Flag for a Cloud SQL PostgreSQL Instance is set at minimum to 'Warning' | GCP | Compliance Validation | LOW |
AC_GCP_0316 | Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off' | GCP | Compliance Validation | LOW |
AC_GCP_0347 | Ensure That 'cloudsql.enable_pgaudit' Database Flag for each Cloud Sql Postgresql Instance Is Set to 'on' For Centralized Logging | GCP | Compliance Validation | LOW |
AC_K8S_0085 | Minimize the admission of containers with allowPrivilegeEscalation | Kubernetes | Compliance Validation | HIGH |
AC_K8S_0128 | Minimize the admission of containers with added capabilities | Kubernetes | Compliance Validation | MEDIUM |
AC_AWS_0001 | Ensure AWS ACM only has certificates with single domain names, and none with wildcard domain names | AWS | Compliance Validation | LOW |
AC_AWS_0060 | Ensure that Multi-AZ is enabled for Amazon Relational Database Service (Amazon RDS) Instances | AWS | Compliance Validation | MEDIUM |
AC_AWS_0077 | Ensure read-write capacities are reserved for AWS DynamoDB tables | AWS | Compliance Validation | MEDIUM |
AC_AWS_0102 | Ensure redis version is compliant with AWS PCI-DSS requirements for AWS ElastiCache clusters | AWS | Compliance Validation | HIGH |
AC_AWS_0103 | Ensure memcached elasticache engines are not in use in AWS PCI-DSS environments for AWS ElastiCache clusters | AWS | Compliance Validation | HIGH |