AC_GCP_0232 | Ensure That IP Forwarding Is Not Enabled on Instances | GCP | Infrastructure Security | MEDIUM |
AC_AWS_0369 | Ensure VPC flow logging is enabled in all VPCs | AWS | Logging and Monitoring | LOW |
AC_GCP_0007 | Ensure That IAM Users Are Not Assigned the Service Account User or Service Account Token Creator Roles at Project Level - google_project_iam_binding | GCP | Identity and Access Management | HIGH |
AC_GCP_0009 | Ensure That Cloud Audit Logging Is Configured Properly | GCP | Logging and Monitoring | LOW |
AC_GCP_0133 | Ensure 'Log_error_verbosity' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'DEFAULT' or Stricter | GCP | Compliance Validation | LOW |
AC_GCP_0316 | Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off' | GCP | Compliance Validation | LOW |
AC_GCP_0371 | Ensure That the Default Network Does Not Exist in a Project - google_compute_network | GCP | Infrastructure Security | LOW |
AC_AWS_0584 | Ensure CloudTrail log file validation is enabled | AWS | Logging and Monitoring | MEDIUM |
AC_GCP_0134 | Ensure That RDP Access Is Restricted From the Internet | GCP | Infrastructure Security | HIGH |
AC_GCP_0260 | Ensure That SSH Access Is Restricted From the Internet | GCP | Infrastructure Security | HIGH |
AC_K8S_0066 | Ensure that a minimal audit policy is created | Kubernetes | Logging and Monitoring | MEDIUM |
AC_AWS_0582 | Ensure CloudTrail logs are encrypted at rest using KMS CMKs | AWS | Logging and Monitoring | HIGH |
AC_K8S_0080 | Ensure that the seccomp profile is set to docker/default in pod definitions | Kubernetes | Identity and Access Management | MEDIUM |
AC_AWS_0612 | Ensure VPC flow logging is enabled in all VPCs | AWS | Logging and Monitoring | LOW |
AC_K8S_0012 | Ensure that the --protect-kernel-defaults argument is set to true | Kubernetes | Identity and Access Management | LOW |
AC_AWS_0627 | Ensure IAM Users Receive Permissions Only Through Groups | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0634 | Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | AWS | Compliance Validation | HIGH |
AC_AWS_0626 | Ensure CloudTrail is enabled in all regions | AWS | Logging and Monitoring | MEDIUM |
AC_K8S_0128 | Minimize the admission of containers with added capabilities | Kubernetes | Compliance Validation | MEDIUM |
AC_K8S_0101 | Minimize access to secrets | Kubernetes | Identity and Access Management | HIGH |
AC_K8S_0003 | Ensure that the --make-iptables-util-chains argument is set to true | Kubernetes | Infrastructure Security | LOW |
AC_K8S_0045 | Ensure that Service Account Tokens are only mounted where necessary | Kubernetes | Identity and Access Management | MEDIUM |
AC_K8S_0113 | Ensure that default service accounts are not actively used. | Kubernetes | Identity and Access Management | MEDIUM |
AC_K8S_0084 | Minimize the admission of containers wishing to share the host network namespace | Kubernetes | Infrastructure Security | MEDIUM |
AC_K8S_0083 | Minimize the admission of containers wishing to share the host IPC namespace | Kubernetes | Infrastructure Security | MEDIUM |
AC_K8S_0085 | Minimize the admission of containers with allowPrivilegeEscalation | Kubernetes | Compliance Validation | HIGH |
AC_K8S_0089 | Ensure that the Anonymous Auth is Not Enabled | Kubernetes | Identity and Access Management | MEDIUM |