AC_AZURE_0443 | Ensure SNMP (Udp:161) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0453 | Ensure web port (TCP:3000) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0461 | Ensure POP3 (TCP:110) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0462 | Ensure POP3 (TCP:110) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0468 | Ensure Oracle DB SSL (TCP:2484) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0474 | Ensure NetBIOS Session Service (TCP:139) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0476 | Ensure NetBIOS Datagram Service (Udp:138) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0477 | Ensure NetBIOS Datagram Service (Udp:138) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0478 | Ensure NetBIOS Datagram Service (Udp:138) is not exposed to entire internet for Azure Network Security Rule | Azure | Infrastructure Security | HIGH |
AC_AZURE_0482 | Ensure NetBIOS Name Service (Udp:137) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0488 | Ensure MySQL (TCP:3306) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0493 | Ensure Mongo Web Portal (TCP:27018) is not exposed to entire internet for Azure Network Security Rule | Azure | Infrastructure Security | HIGH |
AC_AZURE_0497 | Ensure Memcached SSL (Udp:11215) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0510 | Ensure MSSQL Server (TCP:1433) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0516 | Ensure MSSQL Browser (Udp:1434) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0518 | Ensure MSSQL Admin (TCP:1434) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0531 | Ensure Hadoop Name Node (TCP:9000) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AWS_0147 | Ensure full administrative privileges are not created and are attached to a role using AWS IAM Role Policy | AWS | Identity and Access Management | HIGH |
AC_AWS_0218 | Ensure 'allow delete actions from all principals' is disabled for AWS S3 Buckets | AWS | Identity and Access Management | HIGH |
AC_AWS_0411 | Ensure there is no IAM policy with empty SID value | AWS | Identity and Access Management | LOW |
AC_AWS_0416 | Ensure there is no IAM policy with a condition element having ForAnyValue Condition Operator with empty key-value pair | AWS | Identity and Access Management | LOW |
AC_AWS_0421 | Ensure there is no IAM policy with empty array resource | AWS | Identity and Access Management | LOW |
AC_AZURE_0124 | Ensure latest TLS version is in use for Azure Windows Function App | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0239 | Ensure That 'All users with the following roles' is set to 'Owner' | Azure | Logging and Monitoring | MEDIUM |
AC_AWS_0161 | Ensure deletion window for Customer Managed Keys (CMK) is enabled for AWS Key Management Service (KMS) | AWS | Security Best Practices | HIGH |
AC_AWS_0270 | Ensure Security Groups do not have unrestricted specific ports open - Oracle Database Server (TCP,1521) | AWS | Infrastructure Security | HIGH |
AC_AWS_0311 | Ensure Cassandra Client (TCP:9042) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0362 | Ensure MongoDB' (TCP,27017) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0511 | Ensure Cassandra Internode Communication (TCP:7000) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0512 | Ensure Cassandra Monitoring (TCP:7199) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0518 | Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0522 | Ensure Cassandra Thrift (TCP:9160) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0541 | Ensure Oracle DB (UDP:2483) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_GCP_0195 | Ensure that multi-factor authentication is enabled for all non-service accounts | GCP | Identity and Access Management | LOW |
AC_AWS_0211 | Ensure AWS S3 Buckets are not listable for Authenticated users group | AWS | Identity and Access Management | HIGH |
AC_AWS_0420 | Ensure there is no policy with Empty array Condition | AWS | Identity and Access Management | LOW |
AC_AWS_0155 | Ensure at-rest server side encryption (SSE) is enabled for data stored in AWS Kinesis Server | AWS | Data Protection | HIGH |
AC_AWS_0159 | Ensure customer master key (CMK) is not disabled for AWS Key Management Service (KMS) | AWS | Resilience | HIGH |
AC_AWS_0235 | Ensure Security Groups do not have unrestricted specific ports open - Elasticsearch (TCP,9300) | AWS | Infrastructure Security | HIGH |
AC_AWS_0250 | Ensure Security Groups do not have unrestricted specific ports open - Memcached SSL (UDP,11214) | AWS | Infrastructure Security | HIGH |
AC_AWS_0251 | Ensure Security Groups do not have unrestricted specific ports open - Memcached SSL (UDP,11215) | AWS | Infrastructure Security | HIGH |
AC_AWS_0255 | Ensure Security Groups do not have unrestricted specific ports open - NetBIOS Name Service (UDP,137) | AWS | Infrastructure Security | HIGH |
AC_AWS_0260 | Ensure Security Groups do not have unrestricted specific ports open - Oracle DB SSL (TCP,2484) | AWS | Infrastructure Security | HIGH |
AC_AWS_0261 | Ensure Security Groups do not have unrestricted specific ports open - Oracle DB SSL (UDP,2484) | AWS | Infrastructure Security | HIGH |
AC_AWS_0266 | Ensure Security Groups do not have unrestricted specific ports open - SNMP (UDP,161) | AWS | Infrastructure Security | HIGH |
AC_AWS_0271 | Ensure Security Groups do not have unrestricted specific ports open - Telnet (TCP,23) | AWS | Infrastructure Security | HIGH |
AC_AWS_0273 | Ensure Security Groups do not have unrestricted specific ports open - CIFS for file/printer (TCP,445) | AWS | Infrastructure Security | HIGH |
AC_AWS_0277 | Ensure SaltStack Master (TCP,4505) is not accessible by a public CIDR block range | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0279 | Ensure CIFS / SMB (TCP,3020) is not accessible by a public CIDR block range | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0281 | Ensure Cassandra (TCP,7001) is not accessible by a public CIDR block range | AWS | Infrastructure Security | MEDIUM |