AWS Account IAM Access Analyzer is not enabled for all regions 🟢 | 1 | 🟢 x6 |
AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢 | 1 | 🟢 x6 |
AWS Account Root User credentials were used in the last 30 days 🔴🟢 | 1 | 🔴 x1, 🟢 x6 |
AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢 | 1 | 🟢 x6 |
AWS IAM Policy allows full administrative privileges 🟢 | 1 | 🟢 x6 |
AWS IAM User Access Keys are not rotated every 90 days or less 🟢 | 1 | 🟢 x6 |
AWS IAM User has more than one active access key 🟢 | 1 | 🟢 x6 |
AWS IAM User with console and programmatic access set during the initial creation 🟢 | | 🟢 x3 |
AWS S3 Bucket MFA Delete is not enabled 🟠🟢 | 1 | 🟠 x1, 🟢 x6 |
AWS S3 Bucket Policy is not set to deny HTTP requests 🟢 | 1 | 🟢 x6 |
AWS S3 Bucket Server Access Logging is not enabled 🟢 | 1 | 🟢 x6 |
AWS S3 Bucket Versioning is not enabled 🟢 | 1 | 🟢 x6 |
Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢 | 1 | 🟢 x6 |
Azure App Service Basic Authentication is enabled 🟢 | | 🟢 x3 |
Azure App Service is not registered with Microsoft Entra ID 🟢 | 1 | 🟢 x6 |
Azure Cosmos DB Account Private Endpoints are not used 🟢 | 1 | 🟢 x6 |
Azure Cosmos DB Entra ID Client Authentication is not used 🟢 | | 🟢 x3 |
Azure PostgreSQL Flexible Server Firewall Rules allow access to Azure services 🟢 | 1 | 🟢 x6 |
Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) 🟢 | 1 | 🟢 x6 |
Azure Storage Account Trusted Azure Services are not enabled as networking exceptions 🟢 | 1 | 🟢 x6 |
Azure Storage Blob Containers Soft Delete is not enabled 🟢 | 1 | 🟢 x6 |