| 🛡️ AWS Account Config is not enabled in all regions🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS CloudFront Web Distribution Default Root Object is not configured🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS CloudFront Web Distribution uses default SSL/TLS certificate🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS CloudFront Web Distribution uses Dedicated IP for SSL🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Auto Scaling Group behind ELB assigns public IP to instances🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Auto Scaling Group Capacity Rebalancing is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Auto Scaling Group does not span multiple Availability Zones🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Instance with an auto-assigned public IP address is in a default subnet🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Instance without a public IP address is in a public subnet🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ECR Repository Image Tag Mutability is set to Mutable🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ECR Repository Lifecycle Policy is not configured🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Elastic Beanstalk Environment does not have enhanced health reporting enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ELB Classic Load Balancer Connection Draining is disabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ELB Load Balancer Cross-Zone Load Balancing is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ELB Load Balancer Deletion Protection is disabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ELB Load Balancer is not registered to multiple Availability Zones🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Kinesis Stream Retention Period Hours is less than 7 days🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Lambda Function is not in multiple Availability Zones🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Lambda Function X-Ray Tracing is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS MQ ActiveMQ Broker uses the single instance deployment mode🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Network Firewall Delete Protection is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Network Firewall Policy is not associated with a rule group🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Network Firewall Policy Stateless Default Action is not Drop or Forward🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Network Firewall Rule Group Stateless Rules are empty🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS Network Firewall Subnet Change Protection is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS OpenSearch Domain Dedicated Master Count is fewer than three🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS OpenSearch Domain Instance Count is fewer than three🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Aurora Cluster access is not consistent🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Aurora Cluster Multi-AZ Deployment is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Cluster is not configured to copy all tags to snapshots🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance count has reach the service quota🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance is not configured to copy all tags to snapshots🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance Multi-AZ Deployment is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS S3 Bucket Lifecycle Configuration is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS S3 Bucket Object Lock is not enabled🟠🟢 | 1 | 🟠 x1, 🟢 x6 | no data |
| 🛡️ AWS S3 Bucket Versioning is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS SageMaker Endpoint has less than 2 instances🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS VPC Network ACL is unused🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS VPC VPN Connection does not have both Tunnels up🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Resource Lock is not enabled for mission-critical resources🟢⚪ | | 🟢 x2, ⚪ x1 | no data |
| 🛡️ Azure Storage Account uses Locally Redundant Storage replication option🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Storage Blob Containers Soft Delete is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Resources Basic SKU is used for production workloads🟢⚪ | | 🟢 x2, ⚪ x1 | no data |
| 🛡️ Azure Virtual Machine is not utilizing Managed Disks🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Virtual Network has DDoS Network Protection disabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud Asset Inventory API is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud DNS Managed Zone DNSSEC is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud MySQL Instance Local_infile Database Flag is not set to off🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Instance Automated Backups are not configured🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance cross db ownership chaining Database Flag is not set to off🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GKE Cluster Alias IP is disabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GKE Cluster Alpha cluster features are enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GKE Cluster Node Pool Auto-Repair is disabled🟢 | 1 | 🟢 x6 | no data |