| π AWS DynamoDB Table Point In Time Recovery is not enabled π’ | 1 | π’ x6 |
| π AWS S3 Bucket MFA Delete is not enabled π π’ | 1 | π x1, π’ x6 |
| π AWS S3 Bucket Object Lock is not enabled π π’ | 1 | π x1, π’ x6 |
| π AWS S3 Bucket sensitive data is not discovered, classified, and secured π’ | | π’ x3 |
| π AWS S3 Bucket Versioning is not enabled π’ | 1 | π’ x6 |
| π Azure Databricks Unity Catalog is not configured π’ | | π’ x3 |
| π Azure Key Vault Soft Delete and Purge Protection functions are not enabled π’ | 1 | π’ x6 |
| π Azure Resource Lock is not enabled for mission-critical resources π’ | | π’ x3 |
| π Azure Storage Account Blob Service Versioning is not enabled π’ | 1 | π’ x6 |
| π Azure Storage Account Cross Tenant Replication is enabled π’ | 1 | π’ x6 |
| π Azure Storage Account uses Delete lock π’ | | π’ x3 |
| π Azure Storage Account uses ReadOnly lock π’ | | π’ x3 |
| π Azure Storage Blob Containers Soft Delete is not enabled π’ | 1 | π’ x6 |
| π Azure Storage File Shares Soft Delete is not enabled π’ | 1 | π’ x6 |
| π Google BigQuery Sensitive Data Protection is not in use π’ | | π’ x3 |
| π Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on π’ | 1 | π’ x6 |