January 15, 2025

  • AWS CSA CCM v4

  • CloudGuard AWS All Rules Ruleset

  • AWS SWIFT Customer Security Programme CSCF

  • AWS SOX (Section 404)

  • AWS Secure Controls Framework (SCF) v2024.1

  • AWS ISO/SAE 21434:2021

  • AWS NIST SP 800-171A R3

  • AWS ISO/IEC 42001:2023

  • AWS Shared Assessments SIG Questionnaire

  • AWS NIST SP 800-171 R3

    Rule ID | Rule Name | Description | Severity | Change Type | Updated Content | Before | After | Affected Rulesets

    Rule ID: D9.AWS.CRY.170
    Rule Name: Ensure that sensitive parameters should be encrypted
    Severity: High
    Change Type: New
    Affected Rulesets:

    • AWS HIPAA

    • AWS MITRE ATT&CK Framework v11.3

    • AWS HITRUST CSF v11.0

    • AWS CIS Critical Security Controls v8

    • AWS CSA CCM v4

    • CloudGuard AWS All Rules Ruleset

    • AWS EU GDPR

    • AWS ISO 27001:2022

    • AWS APRA 234

    • AWS ENS 2022 Spain

    • AWS CMMC 2.0 v1.02

    • AWS CRI Profile v1.2

    • AWS NIST SP 800-171 R2

    • AWS NY DFS 23 CRR 500

    • AWS New Zealand ISM v3.6

    • AWS RMiT Malaysia

    • AWS ACSC ISM

    • AWS ISO 27017:2015

    • AWS SWIFT Customer Security Programme CSCF

    • AWS NIST SP 800-172

    • AWS SOX (Section 404)

    • AWS Secure Controls Framework (SCF) v2024.1

    • AWS ISO 27002:2022

    • AWS FedRAMP R5 (low)

    • AWS MPA Content Security Program

    • AWS DORA

    • AWS GLBA

    • AWS IEC/ISO 27701:2019

    • AWS NAIC Insurance Data Security Model Law

    • AWS NIST CSF v2.0

    • AWS NIS 2 Directive

    • AWS NIST SP 800-82 R3 (high)

    • AWS Security for Industrial Automation and Control Systems, Part 4-2

    • AWS NIST SP 800-171A R3

    • AWS NIST Privacy Framework

    • AWS SCF-Z Zero Trust Architecture (ZTA)

    • AWS NIST SP 800-207

    • AWS OWASP Top 10 - 2021

    • AWS Shared Assessments SIG Questionnaire

    • AWS TISAX ISA

    • AWS NIST SP 800-171 R3

    • AWS FISC

    • AWS CloudGuard Best Practices

    • AWS HITRUST CSF v9.2

    • AWS ITSG-33 Canada

    • AWS MITRE ATT&CK Framework v10

    Rule ID: D9.AWS.CAM.260
    Rule Name: Ensure that Amazon System Manager Document should not be publicly available
    Severity: Critical
    Change Type: New
    Affected Rulesets:

    • AWS CSA CCM v4

    • CloudGuard AWS All Rules Ruleset

    • AWS SWIFT Customer Security Programme CSCF

    • AWS SOX (Section 404)

    • AWS Secure Controls Framework (SCF) v2024.1

    • AWS ISO/SAE 21434:2021

    • AWS NIST SP 800-171A R3

    • AWS ISO/IEC 42001:2023

    • AWS Shared Assessments SIG Questionnaire

    • AWS NIST SP 800-171 R3

    Rule ID: D9.AWS.CAM.261
    Rule Name: Ensure that public System Manager Documents should have parameters included
    Severity: High
    Change Type: New

    Rule ID: CGN-SecurityGraph-102
    Rule Name: VM with CVE can connect to Database with sensitive data
    Description: This VM has an exploitable CVE and can connect to a Database with sensitive data resulting in a potential severe data compromise.
    Severity: critical
    Platform: aws

    Rule ID: CGN-SecurityGraph-105
    Rule Name: Serverless function critically infected with a hacking tool
    Description: This serverless function is infected with a hacking tool. This combination poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach.
    Severity: high
    Platform: azure

    Rule ID: CGN-SecurityGraph-106
    Rule Name: VM critically infected with a hacking tool
    Description: This virtual machine (VM) is infected with a hacking tool. This combination poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach.
    Severity: high
    Platform: aws,azure

    Rule ID: CGN-SecurityGraph-107
    Rule Name: Serverless function infected with critical ransomware
    Description: This serverless function is infected with ransomware. This combination poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach.
    Severity: critical
    Platform: azure

    Rule ID: CGN-SecurityGraph-108
    Rule Name: VM infected with critical ransomware
    Description: This virtual machine (VM) is infected with ransomware. This combination poses a significant security risk, so it is crucial to address and fix this issue promptly to prevent a potential data breach.
    Severity: critical
    Platform: aws,azure