Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AZURE_0143Ensure that 'Unattached disks' are encrypted in Azure Managed DiskAzureData Protection
MEDIUM
AC_AWS_0161Ensure deletion window for Customer Managed Keys (CMK) is enabled for AWS Key Management Service (KMS)AWSSecurity Best Practices
HIGH
S3_AWS_0006Ensure bucket policy is enforced with least privileges for all AWS S3 buckets - Terraform Version 1.xAWSIdentity and Access Management
HIGH
AC_AWS_0420Ensure there is no policy with Empty array ConditionAWSIdentity and Access Management
LOW
AC_AZURE_0386Ensure That 'Notify about alerts with the following severity' is Set to 'High'AzureLogging and Monitoring
MEDIUM
AC_AZURE_0378Ensure that Azure Active Directory Admin is configuredAzureIdentity and Access Management
HIGH
AC_AZURE_0371Ensure 'Trusted Microsoft Services' are Enabled for Storage Account AccessAzureInfrastructure Security
HIGH
AC_AZURE_0380Ensure no SQL Databases allow ingress 0.0.0.0/0 (ANY IP)AzureInfrastructure Security
MEDIUM
AC_AZURE_0239Ensure That 'All users with the following roles' is set to 'Owner'AzureLogging and Monitoring
MEDIUM
S3_AWS_0012Ensure AWS S3 Buckets are not world-listable for anonymous users - Terraform Version 1.xAWSIdentity and Access Management
HIGH
AC_AZURE_0406Ensure that Advanced Threat Protection (ATP) on a SQL Server is Set to 'Enabled'AzureInfrastructure Security
HIGH
AC_AWS_0096Ensure encryption is enabled for AWS EFS file systemsAWSData Protection
HIGH
S3_AWS_0013Ensure there are no world-writeable AWS S3 Buckets - Terraform Version 1.xAWSIdentity and Access Management
HIGH
S3_AWS_0014Ensure there are no world-readable AWS S3 Buckets - Terraform Version 1.xAWSIdentity and Access Management
HIGH
S3_AWS_0001Ensure at-rest server side encryption (SSE) is enabled using AWS KMS for AWS S3 Buckets - Terraform Version 1.xAWSData Protection
HIGH
AC_AZURE_0285Ensure that SSH access is restricted from the internetAzureInfrastructure Security
HIGH
S3_AWS_0002Ensure at-rest server side encryption (SSE) is enabled using default encryption keys for AWS S3 Buckets - Terraform Version 1.xAWSData Protection
HIGH
S3_AWS_0015Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.xAWSData Protection
HIGH
AC_AZURE_0419Ensure that Network Security Group Flow Log retention period is 'greater than 90 days'AzureResilience
MEDIUM
AC_AWS_0132Ensure no root user account access key existsAWSIdentity and Access Management
HIGH
AC_AZURE_0342Ensure that RDP access is restricted from the internetAzureInfrastructure Security
HIGH
AC_AZURE_0357Ensure that UDP Services are restricted from the InternetAzureInfrastructure Security
HIGH
AC_AZURE_0169Ensure that logging for Azure KeyVault is 'Enabled'AzureLogging and Monitoring
HIGH
S3_AWS_0005Ensure MFA Delete is enable on S3 buckets - Terraform Version 1.xAWSSecurity Best Practices
HIGH
AC_AWS_0207Ensure S3 bucket encryption 'kms_master_key_id' is not empty or nullAWSData Protection
HIGH
AC_AWS_0209Ensure MFA Delete is enable on S3 bucketsAWSSecurity Best Practices
HIGH
S3_AWS_0003Ensure S3 bucket encryption 'kms_master_key_id' is not empty or null - Terraform Version 1.xAWSData Protection
HIGH
AC_AWS_0552Ensure MFA is enabled for the "root user" accountAWSCompliance Validation
HIGH
AC_AWS_0033Ensure CloudTrail logs are encrypted at rest using KMS CMKsAWSLogging and Monitoring
HIGH
AC_AWS_0080Ensure EBS volume encryption is enabledAWSData Protection
HIGH
AC_AWS_0034Ensure CloudTrail is enabled in all regionsAWSLogging and Monitoring
MEDIUM
AC_AWS_0369Ensure VPC flow logging is enabled in all VPCsAWSLogging and Monitoring
LOW
AC_AWS_0427Ensure hardware MFA is enabled for the "root user" accountAWSCompliance Validation
HIGH
AC_AWS_0160Ensure rotation for customer created CMKs is enabledAWSData Protection
HIGH
AC_AWS_0038Ensure CloudTrail trails are integrated with CloudWatch LogsAWSLogging and Monitoring
MEDIUM