| 📝 AWS API Gateway API Access Logging in CloudWatch is not enabled 🟢 | 1 | 🟠 x1, 🟢 x5 |
| 📝 AWS API Gateway API Execution Logging in CloudWatch is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 AWS CloudFront Distribution Logging is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 AWS CloudTrail Log File Validation is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢 | 1 | 🟢 x6 |
| 📝 AWS EKS Cluster Logging is not enabled for all control plane logs types 🟢 | 1 | 🟢 x6 |
| 📝 AWS S3 Bucket Server Access Logging is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 AWS VPC Flow Logs are not enabled 🟢 | 1 | 🟠 x1, 🟢 x5 |
| 📝 Azure Diagnostic Setting captures Administrative, Alert, Policy, and Security categories 🟢 | 1 | 🟢 x6 |
| 📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢 | | 🟢 x3 |
| 📝 Azure Network Security Group Flow Logs retention period is less than 90 days 🟢 | 1 | 🟢 x6 |
| 📝 Azure SQL Server Auditing is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟢 | 1 | 🟢 x6 |
| 📝 Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟢 | 1 | 🟢 x6 |
| 📝 Azure Subscription Integration With Microsoft Defender For Cloud Apps is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Subscription Integration With Microsoft Defender For Endpoint is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Subscription Log Analytics Agent is not auto provisioned 🟢 | 1 | 🟢 x6 |
| 📝 Azure Subscription Microsoft Defender For IoT Hub is not set to On 🟢 | | 🟢 x3 |
| 📝 Azure Subscription Security Alert Notifications additional email address is not configured 🟢 | 1 | 🟢 x6 |
| 📝 Azure Subscription Security Alert Notifications for alerts with High or Critical severity are not configured 🟢 | 1 | 🟢 x6 |
| 📝 Azure Subscription Security Alert Notifications to subscription owners are not configured 🟢 | 1 | 🟢 x6 |
| 📝 Microsoft Defender External Attack Surface Monitoring (EASM) is not enabled 🟢 | | 🟢 x3 |