| 📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢 | 1 | 🟢 x6 |
| 📝 AWS Account Root User credentials were used is the last 30 days 🟢 | 1 | 🟢 x6 |
| 📝 AWS EC2 Instance IAM role is not attached 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM Policy allows full administrative privileges 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM Server Certificate is expired 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM User Access Keys are not rotated every 90 days or less 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM User has inline or directly attached policies 🟢 | 1 | 🟠 x1, 🟢 x5 |
| 📝 AWS IAM User has more than one active access key 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM User MFA is not enabled for all users with console password 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM User with console and programmatic access set during the initial creation 🟢 | | 🟢 x3 |
| 📝 AWS KMS Symmetric CMK Rotation is not enabled 🟢 | 1 | 🟢 x6 |
| 📝 AWS S3 Bucket MFA Delete is not enabled 🟠🟢 | 1 | 🟠 x1, 🟢 x6 |
| 📝 Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure App Service Basic Authentication is enabled 🟢 | | 🟢 x3 |
| 📝 Azure App Service is not registered with Microsoft Entra ID 🟢 | 1 | 🟢 x6 |
| 📝 Azure Key Vault Soft Delete and Purge Protection functions are not enabled 🟢 | 1 | 🟢 x6 |
| 📝 Azure Non-RBAC Key Vault stores Keys without expiration date 🟢 | 1 | 🟢 x6 |
| 📝 Azure Non-RBAC Key Vault stores Secrets without expiration date 🟢 | 1 | 🟢 x6 |
| 📝 Azure RBAC Key Vault stores Keys without expiration date 🟢 | 1 | 🟢 x6 |
| 📝 Azure RBAC Key Vault stores Secrets without expiration date 🟢 | 1 | 🟢 x6 |
| 📝 Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) 🟢 | 1 | 🟢 x6 |
| 📝 Consumer Google Accounts are used 🟢 | | 🟢 x3 |
| 📝 Google Accounts are not configured with MFA 🟢 | | 🟢 x3 |