Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_GCP_0202Ensure Oracle DB (UDP:2483) is not exposed to more than 32 private hosts for Google Compute FirewallGCPInfrastructure Security
LOW
AC_GCP_0203Ensure Oracle DB (UDP:2483) is not exposed to public for Google Compute FirewallGCPInfrastructure Security
MEDIUM
AC_GCP_0204Ensure Oracle DB (UDP:2483) is not exposed to entire internet for Google Compute FirewallGCPInfrastructure Security
HIGH
AC_GCP_0206Ensure Oracle DB (TCP:2483) is not exposed to public for Google Compute FirewallGCPInfrastructure Security
MEDIUM
AC_GCP_0207Ensure Oracle DB (TCP:2483) is not exposed to entire internet for Google Compute FirewallGCPInfrastructure Security
HIGH
AC_GCP_0208Ensure Oracle DB (TCP:1521) is not exposed to more than 32 private hosts for Google Compute FirewallGCPInfrastructure Security
LOW
AC_GCP_0210Ensure Oracle DB (TCP:1521) is not exposed to entire internet for Google Compute FirewallGCPInfrastructure Security
HIGH
AC_GCP_0220Ensure Hadoop Name Node (TCP:9000) is not exposed to more than 32 private hosts for Google Compute FirewallGCPInfrastructure Security
LOW
AC_GCP_0226Ensure FTP (TCP:20) is not exposed to more than 32 private hosts for Google Compute FirewallGCPInfrastructure Security
LOW
AC_GCP_0227Ensure FTP (TCP:20) is not exposed to public for Google Compute FirewallGCPInfrastructure Security
MEDIUM
AC_GCP_0235Ensure encryption is enabled for Google Cloud Storage BucketsGCPInfrastructure Security
MEDIUM
AC_AWS_0270Ensure Security Groups do not have unrestricted specific ports open - Oracle Database Server (TCP,1521)AWSInfrastructure Security
HIGH
AC_AWS_0311Ensure Cassandra Client (TCP:9042) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0362Ensure MongoDB' (TCP,27017) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0511Ensure Cassandra Internode Communication (TCP:7000) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0512Ensure Cassandra Monitoring (TCP:7199) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0518Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0522Ensure Cassandra Thrift (TCP:9160) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0541Ensure Oracle DB (UDP:2483) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0212Ensure there are no publicly writeable and readable AWS S3 BucketsAWSIdentity and Access Management
HIGH
AC_AZURE_0394Ensure only SSL connections are enabled for Azure Redis CacheAzureInfrastructure Security
MEDIUM
AC_AZURE_0354Ensure that VPN Encryption is enabled for Azure Virtual WANAzureInfrastructure Security
MEDIUM
AC_AZURE_0121Ensure HTTPS is enabled for Azure Windows Function AppAzureInfrastructure Security
MEDIUM
AC_AZURE_0125Ensure that the IP Forwarding feature for Microsoft Azure virtual machines is disabledAzureInfrastructure Security
MEDIUM
AC_AWS_0317Ensure Elasticsearch (TCP,9200) is not accessible by a public CIDR block rangeAWSInfrastructure Security
HIGH
AC_AWS_0318Ensure Elasticsearch (TCP,9300) is not accessible by a public CIDR block rangeAWSInfrastructure Security
HIGH
AC_AWS_0370Ensure default VPC is not used for AWS VPCAWSSecurity Best Practices
MEDIUM
AC_AWS_0509Ensure Cassandra Internode Communication (TCP:7000) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0514Ensure Cassandra Monitoring (TCP:7199) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0517Ensure Cassandra OpsCenter Monitoring (TCP:61620) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0528Ensure LDAP (UDP:389) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0529Ensure LDAP (UDP:389) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0534Ensure Memcached SSL (UDP:11211) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0544Ensure Redis without SSL (TCP:6379) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0211Ensure AWS S3 Buckets are not listable for Authenticated users groupAWSIdentity and Access Management
HIGH
AC_AWS_0065Ensure Amazon Relational Database Service (Amazon RDS) instance is not open to more than 256 hostsAWSInfrastructure Security
HIGH
AC_AWS_0066Ensure Amazon Relational Database Service (Amazon RDS) instances do not have public interface definedAWSInfrastructure Security
HIGH
AC_AWS_0394Ensure secure ciphers are used for AWS CloudFront distributionAWSData Protection
HIGH
AC_AZURE_0261Ensure public network access is disabled for Azure Data FactoryAzureInfrastructure Security
MEDIUM
AC_AZURE_0308Ensure public access is disabled for Azure MySQL Single ServerAzureInfrastructure Security
HIGH
AC_AZURE_0353Ensure a site-to-site VPN functionality by making use of Azure Virtual WANAzureInfrastructure Security
MEDIUM
AC_AZURE_0374Ensure a firewall is attached to Azure SQL ServerAzureInfrastructure Security
MEDIUM
AC_AZURE_0383Ensure that 'Threat Detection' is enabled for Azure SQL DatabaseAzureLogging and Monitoring
MEDIUM
AC_GCP_0248Ensure default service account is not used at organization level for Google CloudGCPIdentity and Access Management
HIGH
AC_K8S_0049Ensure ALLOW-with-positive-matching exist for Istio Authorization ObjectKubernetesInfrastructure Security
MEDIUM
AC_K8S_0118Ensure overly broad host configuration is not allowed for Istio GatewayKubernetesInfrastructure Security
HIGH
AC_AWS_0097Ensure VPC is enabled for AWS Redshift ClusterAWSInfrastructure Security
MEDIUM
AC_AWS_0123Ensure access logging is enabled for AWS ELBAWSLogging and Monitoring
MEDIUM
AC_AWS_0164Ensure VPC access is enabled for AWS Lambda FunctionsAWSInfrastructure Security
MEDIUM
AC_AWS_0392Ensure public IP address is not used AWS EC2 instancesAWSInfrastructure Security
HIGH