💼 Threat Protection

  • Contextual name: 💼 Threat Protection
  • ID: /frameworks/cloudaware/resource-security/threat-protection
  • Located in: 💼 Resource Security

Description

Policies for identifying resources that do not implement configurations used to mitigate potential security threats.

Policies (27)

Policy | Logic Count | Flags
📝 AWS Account Security Hub is not enabled | 🟢1 | 🟠 x1, 🟢 x5
📝 AWS API Gateway REST API Stage is not associated with a WAF Web ACL | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted CIFS traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted DNS traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted FTP traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted ICMP traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted NetBIOS traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted RPC traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted SMTP traffic | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to all ports | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MongoDB | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MSSQL | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to MySQL | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to Oracle DBMS | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted traffic to PostgreSQL | 🟢1 | 🟢 x6
📝 AWS EC2 Security Group allows unrestricted Telnet traffic | 🟢1 | 🟢 x6
📝 AWS RDS Instance uses default endpoint port | 🟢1 | 🟢 x6
📝 Azure App Service Remote Debugging is not disabled | 🟢1 | 🟢 x6
📝 Azure Databricks Workspace is not deployed in a customer-managed virtual network (VNet) | 🟢1 | 🟢 x6
📝 Azure Storage File Shares SMB Protocol Version is not set to SMB 3.1.1 or higher | 🟢1 | 🟢 x6
📝 Azure Virtual Machine Endpoint Protection is not installed | 🟢 | 🟢 x3
📝 Azure Virtual Machine Trusted Launch is not enabled | 🟢1 | 🟢 x6
📝 Azure Virtual Machine Unapproved Extensions are installed | 🟢 | 🟢 x3
📝 Google Cloud DNS Managed Zone DNSSEC is not enabled | 🟢1 | 🟢 x6
📝 Google Cloud PostgreSQL Instance Log_min_duration_statement Database Flag is not set to -1 (Disabled) | 🟢1 | 🟢 x6
📝 Google Cloud SQL Server Instance external scripts enabled Database Flag is not set to off | 🟢1 | 🟢 x6
📝 Google GCE Instance is launched without Shielded VM enabled | 🟢1 | 🟢 x6