Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AWS_0058Ensure storage encryption at rest is enabled for Amazon Relational Database Service (Amazon RDS) instancesAWSData Protection
HIGH
AC_AWS_0081Ensure AWS EBS Volume has a corresponding AWS EBS SnapshotAWSData Protection
HIGH
AC_AWS_0096Ensure encryption is enabled for AWS EFS file systemsAWSData Protection
HIGH
AC_AWS_0170Ensure there are no hard coded scripts used in base64 encoded value of AWS Launch ConfigurationAWSData Protection
HIGH
AC_AWS_0188Ensure deletion protection is enabled for Amazon Relational Database Service (Amazon RDS) clustersAWSData Protection
MEDIUM
AC_AWS_0364Ensure server side encryption (SSE) is enabled for Amazon Simple Notification Service (SNS) TopicAWSData Protection
MEDIUM
AC_AWS_0374Ensure data encryption is enabled for AWS X-RayAWSData Protection
HIGH
AC_AWS_0375Ensure server-side encryption (SSE) is enforced for AWS DynamoDB tablesAWSData Protection
MEDIUM
AC_AWS_0376Ensure server side encryption (SSE) is using a customer-managed KMS Key for AWS DynamoDB tablesAWSData Protection
HIGH
AC_AWS_0379Ensure all data stored is encrypted in-transit for AWS Elasticache Replication GroupAWSData Protection
HIGH
AC_AWS_0380Ensure all data stored is encrypted in-transit and has auth token for authentication for AWS Elasticache Replication GroupAWSData Protection
HIGH
AC_AWS_0465Ensure secrets are encrypted using AWS KMS key for AWS Secrets ManagerAWSData Protection
MEDIUM
AC_AWS_0576Ensure private subnets are not used to deploy AWS NAT GatewaysAWSData Protection
HIGH
AC_AZURE_0155Ensure encryption is configured for Azure Kubernetes Cluster using a customer managed keyAzureData Protection
MEDIUM
AC_AZURE_0168Ensure access level is set to 'Read' for Azure Managed Disk SAS TokenAzureData Protection
MEDIUM
AC_AZURE_0214Ensure Azure Keyvaults are used to store secretsAzureData Protection
LOW
AC_AZURE_0298Ensure that Azure Data Explorer uses double encryption in Azure Kusto ClusterAzureData Protection
MEDIUM
AC_AZURE_0318Ensure that integer variables are encrypted for Azure Automation VariableAzureData Protection
MEDIUM
AC_AZURE_0323Ensure that Microsoft Defender for Kubernetes is set to 'On'AzureData Protection
MEDIUM
AC_AZURE_0347Ensure that automatic failover is enabled for Azure CosmosDB AccountAzureData Protection
MEDIUM
AC_GCP_0283Ensure KMS customer managed keys are used in Google Dataflow JobGCPData Protection
MEDIUM
AC_K8S_0054Ensure that the --service-account-private-key-file argument is set as appropriateKubernetesData Protection
MEDIUM
AC_AZURE_0066Ensure SQL server's Transparent Data Encryption (TDE) protector is encrypted with Customer-managed keyAzureData Protection
MEDIUM
AC_AZURE_0228Ensure that customer managed key is used for encryption for Azure Container RegistryAzureData Protection
MEDIUM
AC_AZURE_0329Ensure custom script extensions are not used in Azure Linux Virtual MachineAzureData Protection
MEDIUM
AC_AZURE_0554Ensure that 'Enable Infrastructure Encryption' for Each Storage Account in Azure Storage is Set to 'enabled'AzureData Protection
LOW
AC_AWS_0048Ensure Elastic Block Store (EBS) volumes are encrypted through AWS ConfigAWSData Protection
MEDIUM
AC_AWS_0072Ensure backup retention period is set according to best practice for AWS DocumentDB clustersAWSData Protection
MEDIUM
AC_AWS_0073Ensure KMS customer managed keys are used for encryption of AWS DocumentDB ClustersAWSData Protection
MEDIUM
AC_AWS_0080Ensure EBS volume encryption is enabledAWSData Protection
HIGH
AC_AWS_0166Ensure at-rest data encryption is enabled for AWS ECS clustersAWSData Protection
LOW
AC_AWS_0167Ensure at-rest data encryption is enabled for AWS EBS Root Block clusterAWSData Protection
HIGH
AC_AWS_0169Ensure there are no URL references used in base64 encoded value of AWS Launch ConfigurationAWSData Protection
HIGH
AC_AWS_0182Ensure storage encryption is enabled for AWS Neptune clusterAWSData Protection
HIGH
AC_AWS_0185Ensure external principals are allowed for AWS RAM resourcesAWSData Protection
MEDIUM
AC_AWS_0371Ensure user volumes are encrypted for the AWS WorkspacesAWSData Protection
MEDIUM
AC_AWS_0394Ensure secure ciphers are used for AWS CloudFront distributionAWSData Protection
HIGH
AC_AWS_0461Ensure AWS ECR Repository uses KMS for server-side encryptionAWSData Protection
MEDIUM
AC_AWS_0591Ensure EBS Volume Encryption is Enabled in all RegionsAWSData Protection
HIGH
AC_AWS_0616Ensure Code Signing is enabled for AWS Lambda functionsAWSData Protection
HIGH
AC_AZURE_0152Ensure disk encryption is enabled for Azure Linux Virtual Machine Scale SetAzureData Protection
MEDIUM
AC_AZURE_0284Ensure that 'Unattached disks' are encrypted with CMKAzureData Protection
MEDIUM
AC_AZURE_0349Ensure disk encryption is enabled for Azure Windows Virtual Machine Scale SetAzureData Protection
MEDIUM
AC_AZURE_0379Ensure data encryption is enabled for Azure Synapse SQL PoolAzureData Protection
MEDIUM
AC_K8S_0020Ensure kube-controller-manager (affected versions of kube-controller-manager: v1.18.0, v1.17.0 - v1.17.4, v1.16.0 - v1.16.8, and v1.15.11) are not vulnerable to CVE-2020-8555KubernetesData Protection
MEDIUM
AC_K8S_0044Ensure that the --terminated-pod-gc-threshold argument is set as appropriateKubernetesData Protection
MEDIUM
AC_K8S_0055Ensure that the --root-ca-file argument is set as appropriateKubernetesData Protection
MEDIUM
AC_K8S_0071Ensure that the Tiller Service (Helm v2) is not deployed for Kubernetes workloadsKubernetesData Protection
MEDIUM
S3_AWS_0001Ensure at-rest server side encryption (SSE) is enabled using AWS KMS for AWS S3 Buckets - Terraform Version 1.xAWSData Protection
HIGH
S3_AWS_0003Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.xAWSData Protection
HIGH