Detections
Analytics

Tenable Cloud Security Policies Search

IDNameCSPDomainSeverity
AC_AWS_0005Ensure encryption is enabled for Amazon Machine Image (AMI)AWSInfrastructure Security
MEDIUM
AC_AWS_0056Ensure automatic minor version upgrade is enabled for Amazon Relational Database Service (Amazon RDS) instancesAWSData Protection
HIGH
AC_AWS_0177Ensure latest engine version is used for AWS MQ BrokersAWSSecurity Best Practices
MEDIUM
AC_AWS_0208Ensure at-rest server side encryption (SSE) is enabled using default encryption keys for AWS ECR RepositoryAWSData Protection
MEDIUM
AC_AWS_0368Ensure KMS Customer Master Keys (CMKs) are used for encryption for AWS Storage Gateway File SharesAWSSecurity Best Practices
HIGH
AC_AWS_0372Ensure root volumes are encrypted for the AWS WorkspacesAWSData Protection
MEDIUM
AC_AWS_0441Ensure HTTP2 is enabled for AWS LB (Load Balancer)AWSInfrastructure Security
LOW
AC_AWS_0454Ensure one HTTPS listener is configured for AWS Load BalancerAWSInfrastructure Security
HIGH
AC_AWS_0468Ensure encryption is enabled for AWS Athena DatabaseAWSData Protection
HIGH
AC_AZURE_0111Ensure that automatic upgrades are enabled for Azure Virtual Machine ExtensionAzureInfrastructure Security
MEDIUM
AC_AZURE_0154Ensure that TLS is enforced for Azure Load BalancerAzureResilience
LOW
AC_AZURE_0193Ensure web sockets are disabled for Azure App ServiceAzureInfrastructure Security
MEDIUM
AC_AZURE_0201Ensure in-transit encryption is enabled for Azure Redis CacheAzureInfrastructure Security
MEDIUM
AC_AZURE_0294Ensure encryption is enabled for Azure Data Lake StoreAzureData Protection
MEDIUM
AC_AZURE_0299Ensure that Azure Data Explorer uses disk encryption in Azure Kusto ClusterAzureData Protection
MEDIUM
AC_AZURE_0317Ensure that string variables are encrypted for Azure Automation VariableAzureData Protection
MEDIUM
AC_AZURE_0319Ensure that date-time variables are encrypted for Azure Automation VariableAzureData Protection
MEDIUM
AC_AZURE_0359Ensure automatic OS upgrades are enabled for windows config block in Azure Virtual Machine Scale SetAzureSecurity Best Practices
MEDIUM
AC_GCP_0243Ensure application-layer secrets are encrypted for Google Container ClusterGCPInfrastructure Security
MEDIUM
AC_K8S_0123Ensure TLS verification is enabled in Istio Destination RulesKubernetesInfrastructure Security
MEDIUM
AC_AZURE_0402Ensure audit log retention period is greater than 90 days for Azure PostgreSQL ServerAzureResilience
LOW
AC_AWS_0065Ensure Amazon Relational Database Service (Amazon RDS) instance is not open to more than 256 hostsAWSInfrastructure Security
HIGH
AC_AWS_0066Ensure Amazon Relational Database Service (Amazon RDS) instances do not have public interface definedAWSInfrastructure Security
HIGH
AC_AWS_0394Ensure secure ciphers are used for AWS CloudFront distributionAWSData Protection
HIGH
AC_AZURE_0124Ensure latest TLS version is in use for Azure Windows Function AppAzureInfrastructure Security
MEDIUM
AC_AWS_0068Ensure public access is disabled for AWS Database Migration Service (DMS) instancesAWSData Protection
HIGH
AC_AWS_0099Ensure there are no public file systems for AWS Elastic File System (EFS)AWSIdentity and Access Management
HIGH
AC_AWS_0437Ensure public access is disabled for Amazon Relational Database Service (Amazon RDS) database snapshotsAWSInfrastructure Security
MEDIUM
AC_AZURE_0093Ensure public access is disabled for Azure IoT Hub Device Provisioning Service (DPS)AzureInfrastructure Security
MEDIUM
AC_AZURE_0094Ensure shared access policies are not used for IoT HubAzureInfrastructure Security
HIGH
AC_AZURE_0097Ensure that the Microsoft Defender for IoT Hub is enabledAzureInfrastructure Security
MEDIUM
AC_AZURE_0103Ensure that the attribute 'inconsistent_module_settings' in Defender for IoT is not set to falseAzureInfrastructure Security
MEDIUM
AC_AZURE_0135Ensure public access is disabled for Azure MSSQL ServerAzureInfrastructure Security
HIGH
AC_AZURE_0203Ensure cross account access is disabled for Azure Synapse Firewall RuleAzureInfrastructure Security
MEDIUM
AC_AZURE_0205Ensure cross account access is disabled for Azure SQL ServerAzureIdentity and Access Management
MEDIUM
AC_AZURE_0227Ensure advanced threat protection is enabled for Azure CosmosDB AccountAzureConfiguration and Vulnerability Analysis
MEDIUM
AC_AZURE_0305Ensure public access is disabled for Azure Storage SyncAzureInfrastructure Security
HIGH
AC_GCP_0245Ensure IAM roles do not impersonate or manage service accounts through Google Folder IAM BindingGCPIdentity and Access Management
LOW
AC_K8S_0112Ensure the use of externalIPs is restricted for Kubernetes serviceKubernetesInfrastructure Security
MEDIUM
AC_AWS_0085Ensure permissions are tightly controlled for Amazon Elastic Container Registry (Amazon ECR)AWSIdentity and Access Management
HIGH
AC_AWS_0214Ensure versioning is enabled for AWS S3 BucketsAWSResilience
HIGH
AC_K8S_0116Ensure Kubernetes Network policy attached to a pod have Ingress/Egress blocks specifiedKubernetesInfrastructure Security
MEDIUM
AC_AWS_0155Ensure at-rest server side encryption (SSE) is enabled for data stored in AWS Kinesis ServerAWSData Protection
HIGH
AC_AWS_0159Ensure customer master key (CMK) is not disabled for AWS Key Management Service (KMS)AWSResilience
HIGH
AC_AWS_0235Ensure Security Groups do not have unrestricted specific ports open - Elasticsearch (TCP,9300)AWSInfrastructure Security
HIGH
AC_AWS_0250Ensure Security Groups do not have unrestricted specific ports open - Memcached SSL (UDP,11214)AWSInfrastructure Security
HIGH
AC_AWS_0251Ensure Security Groups do not have unrestricted specific ports open - Memcached SSL (UDP,11215)AWSInfrastructure Security
HIGH
AC_AWS_0255Ensure Security Groups do not have unrestricted specific ports open - NetBIOS Name Service (UDP,137)AWSInfrastructure Security
HIGH
AC_AWS_0260Ensure Security Groups do not have unrestricted specific ports open - Oracle DB SSL (TCP,2484)AWSInfrastructure Security
HIGH
AC_AWS_0261Ensure Security Groups do not have unrestricted specific ports open - Oracle DB SSL (UDP,2484)AWSInfrastructure Security
HIGH