| π AWS Account Root User credentials were used is the last 30 days π΄π’ | 1 | π΄ x1, π’ x6 |
| π AWS Account Root User has active access keys π’ | 1 | π’ x6 |
| π AWS EC2 Instance IAM role is not attached π’ | 1 | π’ x6 |
| π AWS IAM User has inline or directly attached policies π’ | 1 | π x1, π’ x5 |
| π AWS IAM User MFA is not enabled for all users with console password π’ | 1 | π’ x6 |
| π AWS IAM User with console and programmatic access set during the initial creation π’ | | π’ x3 |
| π AWS RDS Instance is publicly accessible and in an unrestricted public subnet π’ | 1 | π’ x6 |
| π AWS S3 Bucket is not configured to block public access π’ | 1 | π’ x6 |
| π AWS S3 Bucket MFA Delete is not enabled π π’ | 1 | π x1, π’ x6 |
| π Azure App Service Authentication is disabled and Basic Authentication is enabled π’ | 1 | π’ x6 |
| π Azure App Service Basic Authentication is enabled π’ | | π’ x3 |
| π Azure App Service is not registered with Microsoft Entra ID π’ | 1 | π’ x6 |
| π Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) π’ | 1 | π’ x6 |
| π Azure SQL Database Transparent Data Encryption is not enabled π’ | 1 | π’ x6 |
| π Azure SQL Server Microsoft Entra authentication is not configured π’ | 1 | π’ x6 |
| π Azure Storage Account Trusted Azure Services are not enabled as networking exceptions π’ | 1 | π’ x6 |