| 📝 AWS API Gateway REST API Stage is not associated with a WAF Web ACL 🟢 | 1 | 🟢 x6 |
| 📝 AWS CloudFront Web Distribution Default Root Object is not configured 🟢 | 1 | 🟢 x6 |
| 📝 AWS DMS Replication Instance is publicly accessible 🟢 | 1 | 🟢 x6 |
| 📝 AWS EBS Snapshot is publicly accessible 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Auto Scaling Group behind ELB assigns public IP to instances 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Default Security Group does not restrict all traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Instance with an auto-assigned public IP address is in a default subnet 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted CIFS traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted DNS traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted FTP traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted ICMP traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted NetBIOS traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted RPC traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted SMTP traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted traffic to MongoDB 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted traffic to MSSQL 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted traffic to MySQL 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted traffic to Oracle DBMS 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted traffic to PostgreSQL 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Security Group allows unrestricted Telnet traffic 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM Policy allows full administrative privileges 🟢 | 1 | 🟢 x6 |
| 📝 AWS RDS Instance is publicly accessible and in an unrestricted public subnet 🟢 | 1 | 🟢 x6 |
| 📝 AWS RDS Instance uses default endpoint port 🟢 | 1 | 🟢 x6 |
| 📝 AWS RDS Snapshot is publicly accessible 🟢 | 1 | 🟢 x6 |
| 📝 AWS S3 Bucket is not configured to block public access 🟢 | 1 | 🟢 x6 |
| 📝 AWS VPC is not configured with a VPC Endpoint for Amazon EC2 service 🟢 | 1 | 🟢 x6 |
| 📝 AWS VPC Network ACL exposes admin ports to public internet ports 🟢 | 1 | 🟢 x6 |
| 📝 AWS VPC Subnet Map Public IP On Launch is enabled 🟢 | 1 | 🟢 x6 |
| 📝 AWS VPC Transit Gateway Auto Accept Shared Attachments is enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Cosmos DB Account Private Endpoints are not used 🟢 | 1 | 🟢 x6 |
| 📝 Azure Cosmos DB Account Virtual Network Filter is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Cosmos DB Entra ID Client Authentication is not used 🟢 | | 🟢 x3 |
| 📝 Azure Key Vault Private Endpoints are not used 🟢 | 1 | 🟢 x6 |
| 📝 Azure Managed Disk Public Network Access is not disabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Network Security Group allows public access to HTTP(S) ports 🟢 | 1 | 🟢 x6 |
| 📝 Azure Network Security Group allows public access to RDP port 🟢 | 1 | 🟢 x6 |
| 📝 Azure Network Security Group allows public access to SSH port 🟢 | 1 | 🟢 x6 |
| 📝 Azure PostgreSQL Flexible Server Firewall Rules allow access to Azure services 🟢 | 1 | 🟢 x6 |
| 📝 Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) 🟢 | 1 | 🟢 x6 |
| 📝 Azure SQL Server Public Network Access is not disabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Storage Account Allow Blob Anonymous Access is enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Storage Account Cross Tenant Replication is enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Storage Account Default Network Access Rule is not set to Deny 🟢 | 1 | 🟢 x6 |
| 📝 Azure Storage Account Private Endpoints are not used 🟢 | 1 | 🟢 x6 |