| π AWS Account Multi-Region CloudTrail is not enabled π’ | 1 | π’ x6 |
| π AWS API Gateway API Access Logging in CloudWatch is not enabled π’ | 1 | π x1, π’ x5 |
| π AWS API Gateway API Execution Logging in CloudWatch is not enabled π’ | 1 | π’ x6 |
| π AWS CloudTrail Log File Validation is not enabled π’ | 1 | π’ x6 |
| π AWS CloudTrail S3 Bucket Access Logging is not enabled. π’ | 1 | π’ x6 |
| π AWS S3 Bucket Server Access Logging is not enabled π’ | 1 | π’ x6 |
| π AWS VPC Flow Logs are not enabled π’ | 1 | π x1, π’ x5 |
| π Azure Diagnostic Setting captures Administrative, Alert, Policy, and Security categories π’ | 1 | π’ x6 |
| π Azure Diagnostic Setting for Azure Key Vault is not enabled π’ | | π’ x3 |
| π Azure Network Security Group Flow Logs retention period is less than 90 days π’ | 1 | π’ x6 |
| π Azure SQL Server Auditing is not enabled π’ | 1 | π’ x6 |
| π Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests π’ | 1 | π’ x6 |
| π Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests π’ | 1 | π’ x6 |
| π Azure Subscription Log Analytics Agent is not auto provisioned π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For IoT Hub is not set to On π’ | | π’ x3 |
| π Azure Subscription Security Alert Notifications additional email address is not configured π’ | 1 | π’ x6 |
| π Azure Subscription Security Alert Notifications for alerts with High severity are not configured π’ | 1 | π’ x6 |
| π Azure Subscription Security Alert Notifications to subscription owners are not configured π’ | 1 | π’ x6 |
| π Microsoft Defender External Attack Surface Monitoring (EASM) is not enabled π’ | | π’ x3 |
| π Microsoft Defender For Cloud Integration With Microsoft Defender For Cloud Apps is not enabled π’ | 1 | π’ x6 |
| π Microsoft Defender For Cloud Integration With Microsoft Defender For Endpoint is not enabled π’ | 1 | π’ x6 |