March 20 2024

Rule ID | Rule Name | Severity | Change Type | Updated Content | Before | After | Affected Rulesets
D9.AWS.AS.44 | Ensure Resource Access Manager customer managed permissions should have tags | Informational | New
  • AWS Health Insurance Portability and Accountability Act (U.S. HIPAA)
  • AWS Payment Card Industry Data Security Standard (PCI DSS) v4.0
  • CloudGuard AWS All Rules Ruleset
  • AWS EU GDPR
  • AWS NY Department of Financial Services (DFS) 23 CRR 500
  • AWS New Zealand Information Security Manual (NZ ISM) v3.6
  • AWS Australian Cyber Security Centre (ACSC) Information Security Manual
  • AWS US FedRAMP R5 (moderate)
  • AWS ISO 27017:2015
  • AWS SWIFT Customer Security Programme CSCF
  • AWS U.S. Sarbanes-Oxley Act (Section 404)
  • AWS Secure Controls Framework (SCF)
  • AWS ISO 27002:2022
  • AWS NIST Cybersecurity Framework (CSF) v1.1
D9.AWS.DR.17 | Ensure AWS Elastic Block Store (EBS) volumes have recent snapshots available for point-in-time recovery | High | Modification
  • Updated Content: Logic
  • Before: EbsSnapshot should not have createTime before(-7, 'days')
  • After: Volume should have getResources('EbsSnapshot') contain [$.createTime after(-7, 'days') and $.volumeId = ~.volumeId]
  • AWS NIST Special Publication 800-53 (Rev. 5)
  • CloudGuard AWS All Rules Ruleset
  • AWS APRA 234
  • AWS US FedRAMP R5 (moderate)
  • AWS U. S. FFIEC Cybersecurity Assessment Tool (CAT)
  • AWS U.S. Sarbanes-Oxley Act (Section 404)
  • AWS Secure Controls Framework (SCF)
  • AWS NIST Cybersecurity Framework (CSF) v1.1
D9.AWS.DR.19 | Ensure that Lightsail Relational Database has a recent snapshot | High | Modification
  • Updated Content: Logic
  • Before: LightsailRelationalDatabase should have latestRestorableTime before(7, 'days')
  • After: LightsailRelationalDatabase should have latestRestorableTime after(-7, 'days')
  • AWS NIST Special Publication 800-53 (Rev. 5)
  • CloudGuard AWS All Rules Ruleset
  • AWS US FedRAMP R5 (moderate)
  • AWS U. S. FFIEC Cybersecurity Assessment Tool (CAT)
  • AWS U.S. Sarbanes-Oxley Act (Section 404)
  • AWS Secure Controls Framework (SCF)
  • AWS NIST Cybersecurity Framework (CSF) v1.1
D9.AWS.LOG.58 | Ensure that Access Logging should be enabled for AWS Elemental MediaStore Container | Medium | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.152 | Ensure that AWS Elemental MediaStore Container should be ACTIVE | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.GCP.OPE.29 | Ensure that only usable Instance are available in Filestore | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.ALI.CRY.08 | Ensure Apsara File Storage NAS are encrypted | High | New
  • CloudGuard Alibaba All Rules Ruleset
D9.ALI.CRY.09 | Ensure Apsara File Storage NAS should have Encryption Type selected | High | New
  • CloudGuard Alibaba All Rules Ruleset
D9.ALI.CRY.10 | Ensure that Automatic Rotation is enabled for KMS | High | New
  • CloudGuard Alibaba All Rules Ruleset
D9.ALI.CRY.11 | Ensure that Deletion Protection is Enabled for KMS | High | New
  • CloudGuard Alibaba All Rules Ruleset
D9.ALI.CRY.12 | Ensure only usable Keys are in the KMS | Low | New
  • CloudGuard Alibaba All Rules Ruleset
D9.ALI.OPE.03 | Ensure that Apsara File Storage NAS should have tags | Low | New
  • CloudGuard Alibaba All Rules Ruleset
D9.OCI.AS.08 | Ensure that a newly created region subscription's status is ready | Informational | New
  • CloudGuard OCI All Rules Ruleset
D9.K8S.IA.UN.5 | Container Image – ScanSummary | Critical | New
  • Workload Vulnerability 2.0 with ScanSummary rule
D9.AWS.OPE.131 | Ensure Resource Access Manager customer managed permissions should have tags | Informational | Removal
  • AWS Health Insurance Portability and Accountability Act (U.S. HIPAA)
  • AWS Payment Card Industry Data Security Standard (PCI DSS) v4.0
  • CloudGuard AWS All Rules Ruleset
  • AWS EU GDPR
  • AWS NY Department of Financial Services (DFS) 23 CRR 500
  • AWS New Zealand Information Security Manual (NZ ISM) v3.6
  • AWS Australian Cyber Security Centre (ACSC) Information Security Manual
  • AWS US FedRAMP R5 (moderate)
  • AWS ISO 27017:2015
  • AWS SWIFT Customer Security Programme CSCF
  • AWS U.S. Sarbanes-Oxley Act (Section 404)
  • AWS Secure Controls Framework (SCF)
  • AWS ISO 27002:2022
  • AWS NIST Cybersecurity Framework (CSF) v1.1

March 13 2024

Rule ID | Rule Name | Severity | Change Type | Updated Content | Before | After | Affected Rulesets
D9.GCP.CRY.01 | Ensure VM Disks for Critical VMs Are Encrypted With Customer-Supplied Encryption Keys (CSEK) | Medium | Modification
  • Updated Content: Severity
  • Before: High
  • After: Medium
  • GCP CloudGuard CheckUp
  • GCP CIS Foundations v. 1.3.0
  • GCP Security Risk Management
  • GCP LGPD regulation
  • GCP NIST Special Publication 800-53 (Rev. 5)
  • GCP PCI-DSS 4.0
  • GCP CIS Foundations v. 2.0
  • GCP MITRE ATT&CK Framework v12.1
  • CloudGuard GCP All Rules Ruleset
  • GCP CIS Critical Security Controls v8
  • GCP CIS Foundations v. 1.0.0
  • GCP ISO 27001:2022
  • GCP APRA 234
  • GCP Cloud Security Alliance CCM v4
  • GCP Esquema Nacional Seguridad (ENS) 2022
  • GCP Risk Management in Technology (RMiT)
  • GCP Australian Cyber Security Centre (ACSC) Information Security Manual
  • GCP US FedRAMP R5 (moderate)
  • GCP ISO 27017:2015
  • GCP SWIFT Customer Security Programme CSCF
  • GCP NIST Special Publication 800-172
  • GCP U.S. Sarbanes-Oxley Act (Section 404)
  • GCP PCI-DSS 3.2
  • GCP Secure Controls Framework (SCF)
  • GCP ISO 27002:2022
  • GCP Cybersecurity Maturity Model Certification (CMMC) 2.0
  • GCP NIST Special Publication 800-171 (Rev. 2)
  • GCP NIST 800-53 Rev 4
  • GCP NY Department of Financial Services (DFS) 23 CRR 500
  • GCP New Zealand Information Security Manual (NZ ISM) v3.6
  • GCP ISO 27001:2013
  • GCP NIST Cybersecurity Framework (CSF) v1.1
  • GCP CloudGuard SOC2 based on AICPA TSC 2017
  • GCP Health Insurance Portability and Accountability Act (U.S. HIPAA)
  • GCP Dashboard System Ruleset
  • GCP EU GDPR
  • GCP CIS Foundations v. 1.1.0
  • GCP CIS Foundations v. 1.2.0
  • GCP CloudGuard Best Practices
D9.AWS.IAM.190 | Ensure that Authorization Type in AWS Kafka Connect Connector is not set to None | High | Modification
  • Updated Content: Logic
  • Before: MSKConnectConnector should not have kafkaClusterClientAuthentication.authenticationType.value!='None'
  • After: MSKConnectConnector should not have kafkaClusterClientAuthentication.authenticationType.value='None'
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.142 | Ensure that AppFlow should have tags | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.143 | Ensure that MediaStoreContainer should have tags | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.144 | Ensure that DataSyncStorage should have tags | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.145 | Ensure that CloudTrail should have tags | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.148 | Ensure that EksCluster should have tags | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.149 | Ensure AWS Verified Access should have FIPS status enabled | High | New
  • CloudGuard AWS All Rules Ruleset
D9.AWS.OPE.150 | Ensure AWS Verified Access should have tags | Low | New
  • CloudGuard AWS All Rules Ruleset
D9.GCP.NET.80 | Cloud Armor Security Policy Default Rule Action should be 'Deny' | High | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.21 | Ensure that DnsManagedZone should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.22 | Ensure that PubSubTopic should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.23 | Ensure that VMInstance should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.24 | Ensure that Filestore Instance should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.25 | Ensure that DataprocCluster should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.26 | Ensure that Secret should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.27 | Ensure that Disk should have tags | Low | New
  • CloudGuard GCP All Rules Ruleset
D9.GCP.OPE.28 | Ensure that 'Disable Automatic IAM Grants for Default Service Accounts' policy is enforced for Google Cloud Platform (GCP) organizations | Medium | New
  • CloudGuard GCP All Rules Ruleset
D9.ALI.OPE.01 | Ensure that Auto Scaling Group should have Deletion Protection enabled | Low | New
  • CloudGuard Alibaba All Rules Ruleset
D9.ALI.OPE.02 | Ensure Auto Scaling group have scaling cooldown higher than a minute | Low | New
  • CloudGuard Alibaba All Rules Ruleset
D9.OCI.OPE.05 | Ensure that Tenancy should have defined tags | Low | New
  • CloudGuard OCI All Rules Ruleset

...