Skip to main content

💼 Threat Protection

  • ID: /frameworks/cloudaware/resource-security/threat-protection

Description

Policies for identifying resources that do not implement configurations used to mitigate potential security threats.

Similar

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (31)

PolicyLogic CountFlagsCompliance
🛡️ AWS API Gateway REST API Stage is not associated with a WAF Web ACL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted CIFS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted DNS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted FTP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted ICMP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted NetBIOS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted RPC traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted SMTP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to all ports🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MongoDB🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MSSQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to MySQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to Oracle DBMS🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted traffic to PostgreSQL🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted Telnet traffic🟢1🟢 x6no data
🛡️ AWS ECR Repository Manual Scanning is enabled🟢1🟢 x6no data
🛡️ AWS GuardDuty is not enabled in all regions🟢1🟢 x6no data
🛡️ AWS RDS Instance uses default endpoint port🟢1🟢 x6no data
🛡️ AWS Security Hub is not enabled🟢1🟢 x6no data
🛡️ AWS WAF Rule Group has no WAF Rules🟢1🟠 x1, 🟢 x5no data
🛡️ AWS WAF Web ACL has no WAF Rules or WAF Rule Groups🟢1🟠 x1, 🟢 x5no data
🛡️ Azure App Service Remote Debugging is not disabled🟢1🟢 x6no data
🛡️ Azure Databricks Workspace is not deployed in a customer-managed virtual network (VNet)🟢1🟢 x6no data
🛡️ Azure Storage File Shares SMB Protocol Version is not set to SMB 3.1.1 or higher🟢1🟢 x6no data
🛡️ Azure Virtual Machine Endpoint Protection is not installed🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Virtual Machine Trusted Launch is not enabled🟢1🟢 x6no data
🛡️ Azure Virtual Machine Unapproved Extensions are installed🟢⚪🟢 x2, ⚪ x1no data
🛡️ Google Cloud DNS Managed Zone DNSSEC is not enabled🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_min_duration_statement Database Flag is not set to -1 (Disabled)🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance external scripts enabled Database Flag is not set to off🟢1🟢 x6no data
🛡️ Google GCE Instance is launched without Shielded VM enabled🟢1🟢 x6no data