Detections
Analytics

Tenable Cloud Security Policies

Search

IDNameCSPDomainSeverity
AC_AZURE_0361Ensure overprovisioning is disabled for Azure Virtual Machine Scale SetAzureLogging and Monitoring
LOW
AC_AZURE_0362Ensure boot diagnostics are enabled for Azure Virtual MachineAzureLogging and Monitoring
MEDIUM
AC_AZURE_0363Ensure ssh keys are used to auth Azure Virtual MachineAzureIdentity and Access Management
MEDIUM
AC_AZURE_0364Ensure that the latest OS patches for Azure Virtual MachineAzureCompliance Validation
MEDIUM
AC_AZURE_0365Ensure age in days after create to delete snapshot is more than 90 in Azure Storage Management PolicyAzureResilience
MEDIUM
AC_AZURE_0366Ensure that 'Public access level' is set to Private for blob containersAzureIdentity and Access Management
HIGH
AC_AZURE_0367Ensure Soft Delete is Enabled for Azure StorageAzureData Protection
MEDIUM
AC_AZURE_0368Ensure CORS rules are set according to organization's policy for Azure Storage AccountAzureInfrastructure Security
MEDIUM
AC_AZURE_0369Ensure that VM agent is installed on Azure Virtual MachineAzureCompliance Validation
LOW
AC_AZURE_0370Ensure that 'Public access level' is disabled for storage accounts with blob containersAzureInfrastructure Security
HIGH
AC_AZURE_0371Ensure 'Trusted Microsoft Services' are Enabled for Storage Account AccessAzureInfrastructure Security
HIGH
AC_AZURE_0372Ensure Default Network Access Rule for Storage Accounts is Set to DenyAzureInfrastructure Security
MEDIUM
AC_AZURE_0373Ensure that 'Secure transfer required' is set to 'Enabled'AzureData Protection
HIGH
AC_AZURE_0374Ensure a firewall is attached to Azure SQL ServerAzureInfrastructure Security
MEDIUM
AC_AZURE_0375Ensure that 'Auditing' Retention is 'greater than 90 days'AzureCompliance Validation
LOW
AC_AZURE_0376Ensure that 'Auditing' is set to 'On'AzureLogging and Monitoring
MEDIUM
AC_AZURE_0377Ensure usage of names like 'Admin' are avoided for Azure SQL ServerAzureCompliance Validation
MEDIUM
AC_AZURE_0378Ensure that Azure Active Directory Admin is configuredAzureIdentity and Access Management
HIGH
AC_AZURE_0379Ensure data encryption is enabled for Azure Synapse SQL PoolAzureData Protection
MEDIUM
AC_AZURE_0380Ensure no SQL Databases allow ingress 0.0.0.0/0 (ANY IP)AzureInfrastructure Security
MEDIUM
AC_AZURE_0381Ensure access to Azure SQL Servers is restricted within Azure Infrastructure via Azure SQL Firewall RuleAzureInfrastructure Security
HIGH
AC_AZURE_0382Ensure SQL Server audit with selected event types is enabled and has retention period of minimum 365 days for Azure SQL DatabaseAzureLogging and Monitoring
MEDIUM
AC_AZURE_0383Ensure that 'Threat Detection' is enabled for Azure SQL DatabaseAzureLogging and Monitoring
MEDIUM
AC_AZURE_0384Ensure that names like 'Admin' are not used for Azure SQL Server Active Directory AdministratorAzureCompliance Validation
MEDIUM
AC_AZURE_0385Ensure that standard pricing tiers are selected in Azure Security Center Subscription PricingAzureSecurity Best Practices
MEDIUM
AC_AZURE_0386Ensure That 'Notify about alerts with the following severity' is Set to 'High'AzureLogging and Monitoring
MEDIUM
AC_AZURE_0387Ensure That No Custom Subscription Owner Roles Are CreatedAzureIdentity and Access Management
MEDIUM
AC_AZURE_0388Ensure guest users are disabled for Azure Role AssignmentAzureIdentity and Access Management
HIGH
AC_AZURE_0389Ensure resource lock enabled for Azure Resource GroupAzureIdentity and Access Management
LOW
AC_AZURE_0390Ensure accessibility is restricted to 256 hosts for Azure Redis CacheAzureInfrastructure Security
MEDIUM
AC_AZURE_0391Ensure that firewall rules does not allow unrestricted access to Azure Redis Cache from other Azure sourcesAzureInfrastructure Security
HIGH
AC_AZURE_0392Ensure firewall rules reject internet access for Azure Redis CacheAzureInfrastructure Security
HIGH
AC_AZURE_0393Ensure regular security and operational updates are enabled for Azure Redis CacheAzureSecurity Best Practices
HIGH
AC_AZURE_0394Ensure only SSL connections are enabled for Azure Redis CacheAzureInfrastructure Security
MEDIUM
AC_AZURE_0395Ensure missing service endpoints are disabled for Azure PostgreSQL Virtual Network RuleAzureSecurity Best Practices
MEDIUM
AC_AZURE_0396Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database ServerAzureLogging and Monitoring
MEDIUM
AC_AZURE_0397Ensure server parameter 'connection_throttling' is set to 'ON' for PostgreSQL Database ServerAzureInfrastructure Security
LOW
AC_AZURE_0398Ensure infrastructure encryption for Azure PostgreSQL Server is enabledAzureInfrastructure Security
MEDIUM
AC_AZURE_0399Ensure that Identity block is defined and type is set to SystemAssigned for Azure PostgreSQL ServerAzureIdentity and Access Management
LOW
AC_AZURE_0400Ensure TLS connection is enabled for Azure PostgreSQL ServerAzureInfrastructure Security
MEDIUM
AC_AZURE_0401Ensure that Azure Active Directory Admin is configuredAzureIdentity and Access Management
HIGH
AC_AZURE_0402Ensure audit log retention period is greater than 90 days for Azure PostgreSQL ServerAzureResilience
LOW
AC_AZURE_0403Ensure email addresses are setup for Azure PostgreSQL ServerAzureCompliance Validation
LOW
AC_AZURE_0404Ensure public access is disabled for Azure PostgreSQL ServerAzureInfrastructure Security
MEDIUM
AC_AZURE_0405Ensure admin auth is properly setup for Azure PostgreSQL ServerAzureIdentity and Access Management
MEDIUM
AC_AZURE_0406Ensure that Advanced Threat Protection (ATP) on a SQL Server is Set to 'Enabled'AzureInfrastructure Security
HIGH
AC_AZURE_0407Ensure geo-redundant backups are enabled for Azure PostgreSQL ServerAzureResilience
MEDIUM
AC_AZURE_0408Ensure 'Enforce SSL connection' is set to 'ENABLED' for PostgreSQL Database ServerAzureInfrastructure Security
HIGH
AC_AZURE_0409Ensure Server Parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database ServerAzureLogging and Monitoring
MEDIUM
AC_AZURE_0410Ensure server parameter 'log_retention_days' is greater than 3 days for PostgreSQL Database ServerAzureResilience
MEDIUM