| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [APIGateway.1] API Gateway REST and WebSocket API execution logging should be enabled | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [APIGateway.9] Access logging should be configured for API Gateway V2 Stages | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [AutoScaling.5] Amazon EC2 instances launched using Auto Scaling group launch configurations should not have Public IP addresses | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudFront.5] CloudFront distributions should have logging enabled | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudTrail.1] CloudTrail should be enabled and configured with at least one multi-Region trail that includes read and write management events | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudTrail.5] CloudTrail trails should be integrated with Amazon CloudWatch Logs | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CodeBuild.4] CodeBuild project environments should have a logging AWS Configuration | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.1] Database Migration Service replication instances should not be public | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.7] DMS replication tasks for the target database should have logging enabled | | | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.8] DMS replication tasks for the source database should have logging enabled | | | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DocumentDB.3] Amazon DocumentDB manual cluster snapshots should not be public | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DocumentDB.4] Amazon DocumentDB clusters should publish audit logs to CloudWatch Logs | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.1] Amazon EBS snapshots should not be publicly restorable | | | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.9] Amazon EC2 instances should not have a public IPv4 address | | | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.15] Amazon EC2 subnets should not automatically assign public IP addresses | | | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.25] Amazon EC2 launch templates should not assign public IPs to network interfaces | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.51] EC2 Client VPN endpoints should have client connection logging enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ECS.2] ECS services should not have public IP addresses assigned to them automatically | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ECS.9] ECS task definitions should have a logging configuration | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EKS.1] EKS cluster endpoints should not be publicly accessible | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EKS.8] EKS clusters should have audit logging enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.5] Application and Classic Load Balancers logging should be enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EMR.1] Amazon EMR cluster primary nodes should not have public IP addresses | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EMR.2] Amazon EMR block public access setting should be enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.2] Elasticsearch domains should not be publicly accessible | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.4] Elasticsearch domain error logging to CloudWatch Logs should be enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.5] Elasticsearch domains should have audit logging enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Lambda.1] Lambda function policies should prohibit public access | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.2] Neptune DB clusters should publish audit logs to CloudWatch Logs | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.3] Neptune DB cluster snapshots should not be public | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [NetworkFirewall.2] Network Firewall logging should be enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.2] OpenSearch domains should not be publicly accessible | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.4] OpenSearch domain error logging to CloudWatch Logs should be enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.5] OpenSearch domains should have audit logging enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.1] RDS snapshot should be private | | 1 | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.9] RDS DB instances should publish logs to CloudWatch Logs | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.34] Aurora MySQL DB clusters should publish audit logs to CloudWatch Logs | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.40] RDS for SQL Server DB instances should publish logs to CloudWatch Logs | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.1] Amazon Redshift clusters should prohibit public access | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.4] Amazon Redshift clusters should have audit logging enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.7] Redshift clusters should use enhanced VPC routing | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Route53.2] Route 53 public hosted zones should log DNS queries | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.1] S3 general purpose buckets should have block public access settings enabled | | | 1 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.2] S3 general purpose buckets should block public read access | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.3] S3 general purpose buckets should block public write access | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.9] S3 general purpose buckets should have server access logging enabled | | 1 | 2 | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.19] S3 access points should have block public access settings enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SageMaker.1] Amazon SageMaker AI notebook instances should not have direct internet access | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SageMaker.2] SageMaker AI notebook instances should be launched in a custom VPC | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SSM.4] SSM documents should not be public | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Transfer.3] Transfer Family connectors should have logging enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [WAF.1] AWS WAF Classic Global Web ACL logging should be enabled | | | | | no data |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [WAF.12] AWS WAF rules should have CloudWatch metrics enabled | | | | | no data |