Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AWS_0007Ensure detailed CloudWatch Metrics are enabled for AWS API Gateway Method SettingsAWSLogging and Monitoring
MEDIUM
AC_AWS_0037Ensure logging for global services is enabled for AWS CloudTrailAWSLogging and Monitoring
MEDIUM
AC_AWS_0123Ensure access logging is enabled for AWS ELBAWSLogging and Monitoring
MEDIUM
AC_AWS_0612Ensure VPC flow logging is enabled in all VPCsAWSLogging and Monitoring
LOW
AC_AZURE_0133Ensure notification email address is configured for Azure MSSQL Server Security Alert PolicyAzureLogging and Monitoring
MEDIUM
AC_AZURE_0192Ensure auditing and monitoring is enabled for Azure App ServiceAzureLogging and Monitoring
MEDIUM
AC_AZURE_0264Ensure log profile is configured to capture all activities for Azure Monitor Log ProfileAzureLogging and Monitoring
MEDIUM
AC_AZURE_0291Ensure that logging to Azure Monitoring is configured for Azure Kubernetes ClusterAzureLogging and Monitoring
MEDIUM
AC_AZURE_0350Ensure overprovisioning is disabled for Azure Windows Virtual Machine Scale SetAzureLogging and Monitoring
LOW
AC_AZURE_0362Ensure boot diagnostics are enabled for Azure Virtual MachineAzureLogging and Monitoring
MEDIUM
AC_AZURE_0383Ensure that 'Threat Detection' is enabled for Azure SQL DatabaseAzureLogging and Monitoring
MEDIUM
AC_AZURE_0413Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - azurerm_postgresql_configurationAzureLogging and Monitoring
MEDIUM
AC_AZURE_0418Ensure that Network Watcher is 'Enabled'AzureLogging and Monitoring
HIGH
S3_AWS_0010Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket - Terraform Version 1.xAWSLogging and Monitoring
MEDIUM
AC_AZURE_0069Ensure that Activity Log Alert exists for Create or Update Public IP Address ruleAzureLogging and Monitoring
MEDIUM
AC_AZURE_0072Ensure that Activity Log Alert exists for Create or Update SQL Server Firewall RuleAzureLogging and Monitoring
MEDIUM
AC_GCP_0308Ensure That the Log Metric Filter and Alerts Exist for Custom Role ChangesGCPLogging and Monitoring
MEDIUM
AC_AWS_0015Ensure AWS WAF ACL is associated with AWS API Gateway StageAWSLogging and Monitoring
LOW
AC_AWS_0051Ensure event subscriptions are enabled for instance level eventsAWSLogging and Monitoring
MEDIUM
AC_AWS_0086Ensure container insights are enabled for Amazon Elastic Container Service (ECS) clustersAWSLogging and Monitoring
MEDIUM
AC_AWS_0127Ensure flow logs are enabled for AWS Global AcceleratorAWSLogging and Monitoring
MEDIUM
AC_AWS_0131Ensure intelligent threat detection is enabled for all regions via AWS GuardDuty DetectorAWSLogging and Monitoring
MEDIUM
AC_AWS_0174Ensure log exports is enabled for AWS MQ BrokersAWSLogging and Monitoring
LOW
AC_AWS_0204Ensure CloudWatch logging is enabled for AWS Route53 hosted zonesAWSLogging and Monitoring
MEDIUM
AC_AWS_0435Ensure access logging is enabled for AWS LB (Load Balancer)AWSLogging and Monitoring
MEDIUM
AC_AZURE_0132Ensure 'email account admins' is enabled for Azure MSSQL Server Security Alert PolicyAzureLogging and Monitoring
MEDIUM
AC_AZURE_0216Ensure that a 'Diagnostics Setting' existsAzureLogging and Monitoring
MEDIUM
AC_AZURE_0279Ensure notification email setting is enabled for Azure SQL Database Threat Detection PolicyAzureLogging and Monitoring
LOW
AC_AZURE_0295Ensure that logging for detailed error messages is enabled for Azure App ServiceAzureLogging and Monitoring
LOW
AC_AZURE_0361Ensure overprovisioning is disabled for Azure Virtual Machine Scale SetAzureLogging and Monitoring
LOW
AC_AZURE_0376Ensure that 'Auditing' is set to 'On'AzureLogging and Monitoring
MEDIUM
AC_AZURE_0386Ensure That 'Notify about alerts with the following severity' is Set to 'High'AzureLogging and Monitoring
MEDIUM
AC_AZURE_0409Ensure Server Parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database ServerAzureLogging and Monitoring
MEDIUM
AC_K8S_0030Ensure that the --profiling argument is set to falseKubernetesLogging and Monitoring
MEDIUM
AC_K8S_0033Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriateKubernetesLogging and Monitoring
MEDIUM
AC_K8S_0052Ensure that the --profiling argument is set to falseKubernetesLogging and Monitoring
LOW
S3_AWS_0017Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket - Terraform Version 1.xAWSLogging and Monitoring
MEDIUM
AC_AWS_0632Ensure AWS Config is enabled in all regionsAWSLogging and Monitoring
HIGH
AC_AZURE_0003Ensure that 'Threat Detection' is enabled for Azure SQL DatabaseAzureLogging and Monitoring
MEDIUM
AC_AZURE_0085Ensure that logging for Azure Key Vault is 'Enabled'AzureLogging and Monitoring
HIGH
AC_AZURE_0338Ensure that Activity Log Alert exists for Delete Security SolutionAzureLogging and Monitoring
MEDIUM
AC_AZURE_0343Ensure that Activity Log Alert exists for Create or Update Network Security GroupAzureLogging and Monitoring
MEDIUM
AC_AZURE_0396Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database ServerAzureLogging and Monitoring
MEDIUM
AC_AZURE_0591Ensure Server Parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database ServerAzureLogging and Monitoring
MEDIUM
AC_GCP_0305Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/ChangesGCPLogging and Monitoring
MEDIUM
AC_AWS_0034Ensure CloudTrail is enabled in all regionsAWSLogging and Monitoring
MEDIUM
AC_AWS_0035Ensure Amazon Simple Notification Service (SNS) topic is defined for notifying log file delivery for AWS CloudTrailAWSLogging and Monitoring
MEDIUM
AC_AWS_0064Ensure CloudWatch logging is enabled for Amazon Relational Database Service (Amazon RDS) instancesAWSLogging and Monitoring
MEDIUM
AC_AWS_0163Ensure tracing is enabled for AWS Lambda FunctionsAWSLogging and Monitoring
LOW
AC_AWS_0200Ensure audit logging feature is enabled for AWS Redshift clustersAWSLogging and Monitoring
LOW