Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AWS_0150Ensure a log metric filter and alarm exist for AWS NAT GatewaysAWSSecurity Best Practices
HIGH
AC_AWS_0564Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created CMKsAWSSecurity Best Practices
HIGH
AC_AWS_0567Ensure a log metric filter and alarm exist for security group changesAWSSecurity Best Practices
HIGH
AC_AZURE_0216Ensure that a 'Diagnostics Setting' existsAzureLogging and Monitoring
MEDIUM
AC_AZURE_0417Ensure that the latest version of NSG flow log is being used via Azure Network Watcher Flow LogAzureSecurity Best Practices
MEDIUM
AC_AZURE_0338Ensure that Activity Log Alert exists for Delete Security SolutionAzureLogging and Monitoring
MEDIUM
AC_AZURE_0343Ensure that Activity Log Alert exists for Create or Update Network Security GroupAzureLogging and Monitoring
MEDIUM
AC_GCP_0305Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/ChangesGCPLogging and Monitoring
MEDIUM
AC_AWS_0034Ensure CloudTrail is enabled in all regionsAWSLogging and Monitoring
MEDIUM
AC_AWS_0035Ensure Amazon Simple Notification Service (SNS) topic is defined for notifying log file delivery for AWS CloudTrailAWSLogging and Monitoring
MEDIUM
AC_AWS_0452Ensure log retention policy is set for AWS CloudWatch Log GroupAWSSecurity Best Practices
MEDIUM
AC_AWS_0560Ensure a log metric filter and alarm exist for usage of 'root' accountAWSSecurity Best Practices
HIGH
AC_AWS_0563Ensure a log metric filter and alarm exist for AWS Management Console authentication failuresAWSSecurity Best Practices
HIGH
AC_AWS_0565Ensure a log metric filter and alarm exist for S3 bucket policy changesAWSSecurity Best Practices
HIGH
AC_AWS_0570Ensure a log metric filter and alarm exist for route table changesAWSSecurity Best Practices
HIGH
AC_AWS_0585Ensure CloudTrail trails are integrated with CloudWatch LogsAWSLogging and Monitoring
MEDIUM
AC_AZURE_0210Ensure that Diagnostic Logs Are Enabled for All Services that Support itAzureLogging and Monitoring
MEDIUM
AC_AZURE_0283Ensure that Activity Log Retention is set 365 days or greater for Azure Monitor Log ProfileAzureLogging and Monitoring
MEDIUM
AC_AZURE_0337Ensure that Activity Log Alert exists for Create or Update or Delete SQL Server Firewall RuleAzureLogging and Monitoring
MEDIUM
AC_AZURE_0341Ensure that Activity Log Alert exists for Create or Update Network Security GroupAzureLogging and Monitoring
MEDIUM
AC_AZURE_0218Ensure that Activity Log Alert exists for Create Policy AssignmentAzureLogging and Monitoring
MEDIUM
AC_AWS_0037Ensure logging for global services is enabled for AWS CloudTrailAWSLogging and Monitoring
MEDIUM
AC_AWS_0448Ensure log retention period of at least 90 days retention period for AWS CloudWatch Log GroupAWSSecurity Best Practices
HIGH
AC_AWS_0451Ensure an AWS Key Management Service (KMS) Customer Managed Key (CMK) is used to encrypt AWS CloudWatch Log GroupAWSData Protection
HIGH
AC_AWS_0561Ensure a log metric filter and alarm exist for IAM policy changesAWSSecurity Best Practices
HIGH
AC_AWS_0562Ensure a log metric filter and alarm exist for CloudTrail configuration changesAWSSecurity Best Practices
HIGH
AC_AWS_0568Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL)AWSSecurity Best Practices
HIGH
AC_AWS_0569Ensure a log metric filter and alarm exist for changes to network gatewaysAWSSecurity Best Practices
HIGH
AC_AWS_0572Ensure a log metric filter and alarm exists for AWS Organizations changesAWSSecurity Best Practices
HIGH
AC_AZURE_0264Ensure log profile is configured to capture all activities for Azure Monitor Log ProfileAzureLogging and Monitoring
MEDIUM
AC_AZURE_0416Ensure that traffic analytics is enabled via Azure Network Watcher Flow LogAzureSecurity Best Practices
MEDIUM
AC_AZURE_0418Ensure that Network Watcher is 'Enabled'AzureLogging and Monitoring
HIGH
AC_AZURE_0069Ensure that Activity Log Alert exists for Create or Update Public IP Address ruleAzureLogging and Monitoring
MEDIUM
AC_AZURE_0072Ensure that Activity Log Alert exists for Create or Update SQL Server Firewall RuleAzureLogging and Monitoring
MEDIUM
AC_GCP_0308Ensure That the Log Metric Filter and Alerts Exist for Custom Role ChangesGCPLogging and Monitoring
MEDIUM
AC_AWS_0558Ensure a log metric filter and alarm exist for Management Console sign-in without MFAAWSSecurity Best Practices
HIGH
AC_AWS_0571Ensure a log metric filter and alarm exist for VPC changesAWSSecurity Best Practices
HIGH
AC_AWS_0582Ensure CloudTrail logs are encrypted at rest using KMS CMKsAWSLogging and Monitoring
HIGH
AC_AWS_0584Ensure CloudTrail log file validation is enabledAWSLogging and Monitoring
MEDIUM
AC_AZURE_0222Ensure failing azure functions have email alerts configured for Azure Monitor Action GroupAzureCompliance Validation
MEDIUM
AC_AZURE_0340Ensure that Activity Log alert exists for the Delete Network Security Group RuleAzureLogging and Monitoring
MEDIUM
AC_AZURE_0415Ensure that the retention policy is enabled for Azure Network Watcher Flow LogAzureResilience
MEDIUM
AC_AZURE_0058Ensure that Network Security Group Flow Log retention period is 'greater than 90 days'AzureResilience
MEDIUM
AC_AZURE_0070Ensure that Activity Log Alert exists for Delete Public IP Address ruleAzureLogging and Monitoring
MEDIUM
AC_AZURE_0071Ensure that Activity Log Alert exists for Delete SQL Server Firewall RuleAzureLogging and Monitoring
MEDIUM
AC_AZURE_0339Ensure that Activity Log Alert exists for Create or Update Security SolutionAzureLogging and Monitoring
MEDIUM
AC_AZURE_0344Ensure that Activity Log Alert exists for Delete Policy AssignmentAzureLogging and Monitoring
MEDIUM
AC_GCP_0307Ensure That the Log Metric Filter and Alerts Exist for Cloud Storage IAM Permission ChangesGCPLogging and Monitoring
MEDIUM
AC_GCP_0311Ensure That the Log Metric Filter and Alerts Exist for SQL Instance Configuration ChangesGCPLogging and Monitoring
MEDIUM
AC_AWS_0033Ensure CloudTrail logs are encrypted at rest using KMS CMKsAWSLogging and Monitoring
HIGH