Skip to main content

💼 6.4.2 For public-facing web applications, an automated technical solution is deployed that continually detects and prevents web-based attacks.

Contextual name: 💼 6.4.2 For public-facing web applications, an automated technical solution is deployed that continually detects and prevents web-based attacks.
ID: /frameworks/pci-dss-v4.0.1/06/04/02
Located in: 💼 6.4 Public-facing web applications are protected against attacks.

Description

With at least the following:

Is installed in front of public-facing web applications and is configured to detect and prevent web-based attacks.
Actively running and up to date as applicable.
Generating audit logs.
Configured to either block web-based attacks or generate an alert that is immediately investigated.

Similar

Sections
- /frameworks/pci-dss-v4.0/06/04/02
- /frameworks/aws-fsbp-v1.0.0/cloudfront/06

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudFront.6] CloudFront distributions should have WAF enabled
💼 PCI DSS v4.0 → 💼 6.4.2 For public-facing web applications, an automated technical solution is deployed that continually detects and prevents web-based attacks.			9

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 6.4.2 For public-facing web applications, an automated technical solution is deployed that continually detects and prevents web-based attacks.			9

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (9)

Policy	Logic Count	Flags
📝 Google HTTP(S) Load Balancer Logging is not enabled 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for Audit Configuration Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for Custom Role Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for Project Ownership Assignments Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for SQL Instance Configuration Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for VPC Network Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for VPC Network Firewall Rule Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for VPC Network Route Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Sink for All Log Entries is not configured 🟢	1	🟢 x6

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (9)