Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AWS_0532Ensure Memcached SSL (TCP:11211) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0536Ensure Oracle DB (TCP:2483) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0537Ensure Oracle DB (TCP:2483) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0540Ensure Oracle DB (UDP:2483) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0510Ensure Cassandra Internode Communication (TCP:7000) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0513Ensure Cassandra Monitoring (TCP:7199) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0516Ensure Cassandra OpsCenter Monitoring (TCP:61620) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0519Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0520Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0521Ensure Cassandra Thrift (TCP:9160) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0525Ensure LDAP (TCP:389) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0535Ensure Memcached SSL (UDP:11211) is not exposed to more than 32 private hostsAWSInfrastructure Security
LOW
AC_AWS_0539Ensure Oracle DB (UDP:2483) is not exposed to entire internetAWSInfrastructure Security
HIGH
AC_AWS_0543Ensure Redis without SSL (TCP:6379) is not exposed to publicAWSInfrastructure Security
MEDIUM
AC_AWS_0054Ensure public access is disabled for Amazon Relational Database Service (Amazon RDS) instancesAWSInfrastructure Security
HIGH
S3_AWS_0015Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.xAWSData Protection
HIGH
AC_AWS_0065Ensure Amazon Relational Database Service (Amazon RDS) instance is not open to more than 256 hostsAWSInfrastructure Security
HIGH
AC_AWS_0066Ensure Amazon Relational Database Service (Amazon RDS) instances do not have public interface definedAWSInfrastructure Security
HIGH
AC_AWS_0394Ensure secure ciphers are used for AWS CloudFront distributionAWSData Protection
HIGH
AC_AWS_0207Ensure S3 bucket encryption 'kms_master_key_id' is not empty or nullAWSData Protection
HIGH
AC_AWS_0596Ensure credentials unused for 45 days or greater are disabledAWSCompliance Validation
LOW
AC_AWS_0098Ensure Customer Managed Keys (CMK) are used for encryption of AWS Elastic File System (EFS)AWSData Protection
HIGH
AC_AWS_0197Ensure KMS customer managed key (CMK) for encryption of AWS Redshift clustersAWSSecurity Best Practices
HIGH
AC_AWS_0198Ensure encryption is enabled for AWS Redshift clustersAWSData Protection
MEDIUM
AC_AWS_0206Ensure at-rest server side encryption (SSE) is enabled using default encryption keys for AWS S3 BucketsAWSData Protection
HIGH
AC_AWS_0275Ensure no security groups is wide open to public, that is, allows traffic from 0.0.0.0/0 to ALL ports and protocolsAWSInfrastructure Security
HIGH
AC_AWS_0186Ensure that encryption is enabled for Amazon Relational Database Service (Amazon RDS) InstancesAWSData Protection
HIGH
S3_AWS_0005Ensure MFA Delete is enable on S3 buckets - Terraform Version 1.xAWSSecurity Best Practices
HIGH
AC_AWS_0209Ensure MFA Delete is enable on S3 bucketsAWSSecurity Best Practices
HIGH
AC_AWS_0552Ensure MFA is enabled for the "root user" accountAWSCompliance Validation
HIGH
AC_AWS_0034Ensure CloudTrail is enabled in all regionsAWSLogging and Monitoring
MEDIUM
AC_AWS_0428Ensure that S3 Buckets are configured with 'Block public access (bucket settings)'AWSInfrastructure Security
MEDIUM
AC_AWS_0042Ensure standard password policy must be followed with password at least 14 characters longAWSIdentity and Access Management
MEDIUM
AC_AWS_0036Ensure CloudTrail log file validation is enabledAWSLogging and Monitoring
MEDIUM
AC_AWS_0138Ensure credentials unused for 45 days or greater are disabledAWSCompliance Validation
LOW
S3_AWS_0003Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.xAWSData Protection
HIGH
AC_AWS_0597Ensure MFA is enabled for the 'root' user accountAWSCompliance Validation
HIGH
AC_AWS_0604Ensure S3 bucket encryption 'kms_master_key_id' is not empty or nullAWSData Protection
HIGH
AC_AWS_0369Ensure VPC flow logging is enabled in all VPCsAWSLogging and Monitoring
LOW
AC_AWS_0584Ensure CloudTrail log file validation is enabledAWSLogging and Monitoring
MEDIUM
AC_AWS_0033Ensure CloudTrail logs are encrypted at rest using KMS CMKsAWSLogging and Monitoring
HIGH
AC_AWS_0080Ensure EBS volume encryption is enabledAWSData Protection
HIGH
AC_AWS_0582Ensure CloudTrail logs are encrypted at rest using KMS CMKsAWSLogging and Monitoring
HIGH
AC_AWS_0160Ensure rotation for customer created CMKs is enabledAWSData Protection
HIGH
AC_AWS_0432Ensure IAM Users Receive Permissions Only Through GroupsAWSIdentity and Access Management
MEDIUM
AC_AWS_0151Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console passwordAWSCompliance Validation
HIGH
AC_AWS_0585Ensure CloudTrail trails are integrated with CloudWatch LogsAWSLogging and Monitoring
MEDIUM
AC_AWS_0038Ensure CloudTrail trails are integrated with CloudWatch LogsAWSLogging and Monitoring
MEDIUM
AC_AWS_0608Ensure that S3 Buckets are configured with 'Block public access (bucket settings)'AWSInfrastructure Security
MEDIUM
AC_AWS_0626Ensure CloudTrail is enabled in all regionsAWSLogging and Monitoring
MEDIUM