Skip to content
SecPod  – Documentation
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
Search this website
Menu Close
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO

Saner Platform

  • Saner Platform Release Notes
    • Saner Platform Integration Release: ServiceNow Integration Introduced, Freshservice Enhanced
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner Platform Guide
    • Saner Administration Guide
    • Saner Device Management User Guide
    • Saner Platform and ServiceNow Integration Guide
    • Saner Platform and Freshservice Integration Guide
    • Saner Platform Function Guides
  • FAQs
    • Saner CVEM Technical FAQs
  • How Tos
    • General
      • How to increase the subscription count for an Account in Saner CVEM
      • How to increment license count for an Organization in Saner CVEM
      • How to provision Saner tools for an Organization
      • How to change subscription type in Saner CVEM
      • How to sign-up with Saner CVEM?
      • How to create a new account in Saner CVEM?
      • How to enable SSO authentication policy in Saner CVEM?
      • How to set alerts in Saner?
      • How to view, download and filter the audit logs?
      • How to designate Saner Agent to perform network scan?
      • How to Co-Brand with your logo?
      • How to fetch the details of the mandatory fields from the Okta account?
      • How to create MFA policy for Okta?
      • How to fetch the details of the mandatory fields from the PingID account?
      • How to create MFA policy for PingID?
      • How to fetch the details of the mandatory fields from the PingOne account?
      • How to create MFA policy for PingOne?
      • How to download and install Saner Agent in Mac?
      • How to download and install Saner agent in Linux?
      • How to download and install the Saner agent in Windows?
      • How to update the expiry date of an existing subscription?
      • How to manage users and their preferences using role-based access?
      • How to uninstall Saner Agent using Saner Offline deployer tool.
      • How to onboard a new organization?
      • How to deploy Saner Agent using Saner Offline deployer tool.
      • How to install a Saner agent through the command line?
      • How to uninstall the Saner agent through command line?
    • Saner Reports
      • How to configure mail settings to email Report PDF?
      • How to create a custom report in Saner?
      • How to schedule for the report back up?
    • Saner Device Management
      • How to create custom groups in Saner CVEM
    • Saner Mail Settings
      • How to create new mail settings in Saner?
      • How to use OAuth-enabled authentication in Saner mail settings
      • How to create OAuth Client ID and Client Secret for Gmail
      • How to create OAuth Client ID and Client Secret for Microsoft 365.
  • Supported OSs and Platforms
    • Operating Systems and Platforms Supported
    • Supported Third-party Applications for Patching

Saner Cloud

  • Before You Begin
    • Glossary of Terms
    • Read me First
  • Get Started
    • Prerequisites For Saner SaaS Platform Deployment
    • Saner Cloud Deployment Guides
      • GCP OAuth Scopes for Saner CNAPP
      • Onboarding a GCP Organization to Saner Cloud(CLI)
      • Onboarding a GCP Project to Saner Cloud (CLI)
      • Onboarding a GCP Organization to Saner Cloud(Manual)
      • Onboarding a GCP Project to Saner Cloud(Manual)
      • Azure Onboarding
      • Troubleshooting
      • Get Started with Saner CNAPP AWS Cloud Deployment V1.0
      • Onboarding with AWS Credentials(Least Recommended Method)
      • Onboarding with AWS Role(Manual)
      • Onboarding with AWS Role CloudFormation (Automatic): Recommended
    • Roles and Permissions
      • Roles and Permissions for AWS Remediation Access
      • Roles and Permissions for Azure Onboarding, Detection, and Remediation
      • Roles and Permissions for GCP Project-level Detection and Remediation Access
      • Roles and Permissions for GCP Organization-level Detection and Remediation Access
    • Saner COSP Deployment Guides
      • Onboarding K8s Cluster to Saner COSP
      • Onboarding K8s Cluster to Saner COSP Through OIDC Protocol
  • Learn About
    • Saner CNAPP Best Practices
    • Secure Your IAM entities with Cloud Infrastructure Entitlement Management (CIEM)
    • Critical Events to Monitor in GCP
    • Saner CSRP Classification Based on Scoring Decision
    • Cloud Cyber Hygiene Scoring(CCHS) Approach
    • Remediation Rollback
    • Automation and Job-driven Remediation
    • Cost and Usage
    • Excessive Permission Categories Evaluated Across Different Cloud Services
    • Publicly Accessible Resources
    • Patch Aging and Patch Impact
    • SecPod Default Benchmarks
    • Watchlists
    • Cloud Workload Protection Platform(CWPP)
    • Overview of Report Views in Saner Cloud
    • Whitelisting Resources
    • Saner Plasma AI Assistant for Seamless User Interaction
    • Critical Events to Monitor in AWS
    • High-Privilege Actions in Critical Activity Logs for AWS
    • Audit Logs in Saner Cloud
    • Excessive Permissions
    • Alerts in SanerCloud
  • Tell Me How
    • How to Remediate in Saner Cloud?
    • How to Configure Automation Rule to Remediate Misconfigurations?
    • How to Manage Report Views at Organization-level in Saner Cloud?
    • How to Get a Cohesive View from Saner Cloud Unified Dashboard?
    • How to Use Tags to Quickly Filter Resources?
    • How to Troubleshoot Issues with Audit Logs?
    • How to Manage Groups and Tags in Saner Cloud?
    • How to Manage Report Views for a User Account in Saner Cloud?
    • How to Troubleshoot or Analyze with Critical Activity Logs?
    • How to Setup Alerts Across SanerCloud Tools?
    • How to Take Action on Alert Notifications from SanerCloud?
    • How to Remediate Findings in Saner COSP?
    • How to Rollback an Applied Remediation in Saner COSP?
    • How to Configure Automation Rules for COSP Misconfiguration Remediation?
    • CCHS
      • How to Monitor Resource Risk Trends for CHS?
      • How to Assess Resource Health through Severity Distribution?
      • How to Evaluate Service-Level Risks Using CHS Scores?
      • How to Analyze Cyber Hygiene Scores through Trend Chart?
      • How to Identify High-Risk Resources by Geo Location?
      • How to Get an Overview of Cyber Hygiene for Cloud Resources?
      • How to Review Organization-Level Cyber Hygiene Across Accounts?
      • How to Assess Risk Distribution for Different Cloud Providers?
      • How to Review Major Issues Contributing to the Drop of Cyber Hygiene Score at Account-Level?
      • How to Analyze Module-wise Risk through CHS Distribution?
      • How to View the Cyber Hygiene Score Distributed Across Cloud Environments?
      • How to Track Security Posture with Cyber Hygiene Score?
      • How to Configure Account Weightage?
    • CSRP
      • How to Monitor and Analyze Audit Logs for Risk Prioritization?
      • How to Configure Risk Based Cloud Security Alerts?
      • How to Generate Reports and Visualizations?
      • How to Filter Risks by Tags for Targeted Analysis?
      • How to Manage Prioritized Risks at Account-level?
      • How to View the Detailed Breakdown of a Specific Cloud Cyber Security Standard (CCSS) Risk Finding?
      • How to Review and Prioritize Resources Based on Associated Risks?
      • How to Assess Risk Distribution on Essential Resources?
      • How to Assess and Prioritize Risks Across Resource Categories?
      • How to Identify the Risks Affecting Essential Resources?
      • How to Assess Full Versus Limited Technical Impact of Exploiting an Anomaly?
      • How to Review the Risk Factor Distribution Based on Automatable Reliability?
      • How to Get an Overview of Exploitable Risks?
      • How to Map Risks to MITRE ATT&CK for Threat-Informed Defense?
      • How to Configure Questionnaire and Assess Security Practices Across Core Domains for an Account?
    • CSAE
      • How to Setup Watchlist Configuration for a Resource?
      • How to Identify Outdated Resources for Cleanup?
      • How does Resource Categorization Work in Saner CSAE?
      • How to Identify Resources Exposed to External Network?
      • How to Understand the Resource Footprint Globally Across Various Regions?
      • How to Make Informed Decisions on Your Expenditure based on Resource Usage Graph?
    • CSPM
      • How to Setup Benchmarks in Saner CSPM?
      • How to Use Quick Evaluation Benchmarks?
      • How to Detect Patterns over a Period with Resource Trends?
      • How to Assess System Compliance and Security Posture?
    • CSPA
      • How to Initiate Patch Remediation from CSPA Dashboard?
      • How to Quickly Identify the Detected and Remediated Anomalies for an Account?
      • How to Prioritize Remediation or Fixes based on Confidence Levels?
      • How to Examine the Overall Anomaly Information for Specific Rules or Checks?
      • How to Search and Retrieve Anomaly Data?
      • How to Whitelist Rules or Resources in Cloud Security Scans?
    • CIEM
      • How to See the Active Version for an IAM Policy?
      • How to Address Critical Activities Using Evidence?
      • How to View by Type and Usage for any Identity in CIEM?
      • How to Get Visibility into Cloud Entitlements?
      • How to Use Evidence to Address Policies with Excessive Permission?
      • How to Know the Excessive Permissions on a Specific Service?
      • How to Visually See the Relationship between Identity, Entitlement, Policy, or Permission?
      • How to Determine if a Policy has Excessive Permission?
      • How to Initiate Remediation for Different Identities from CIEM?
    • CSRM
      • Rollback an Applied Remediation
      • How to Configure Automation Rule to Remediate Misconfigurations?
      • How to Create a Patching Task for Items Currently in “Approval Pending” State?
      • How to Evaluate Remediation Effort with Patching Impact Chart?
      • How to Prioritize and Address Older or High-Risk Anomalies with Patch Aging?
      • How to Monitor the Overall Status of the Remediation Job?
      • How do I Get to Know the Regions Impacted by a Specific Rule?
      • How to View the Severity of a Missing Patch Affected by a Rule?
      • How to Address Missing Patches Via Remediation Tasks?
      • How to Quickly Access the Necessary Tool for Remediation and Begin Patching Tasks?
  • Saner Cloud Release Notes
    • Saner Cloud – V.3.0.1.1 Release Notes
    • Saner Cloud – V.3.0.1.0 Release Notes
    • Saner Cloud – V.3.0.0.0 Release Notes
    • Saner Cloud – V.2.0.0.2 Release Notes
    • Saner Cloud – V.2.0.0.1 Release Notes
    • Saner Cloud – V.2.0.0.0 Release Notes
    • Saner Cloud – V.1.2.0.1 Release Notes
    • Saner Cloud – V.1.2.0.0 Release Notes
    • Saner Cloud – V.1.1.0.0 Release Notes
    • Saner Cloud – V.1.1 Release Notes
    • Saner Cloud – V.1.0 Release Notes
  • Saner Cloud User Guides
    • GCP Cloud Infrastructure Entitlement Management (CIEM) User Guide
    • Azure Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Risk Prioritization(CSRP) User guide
    • Cloud Cyber Hygiene Score(CCHS) User Guide
    • Cloud Security Remediation Management(CSRM) User Guide
    • AWS Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Posture Anomaly(CSPA) User Guide
    • Cloud Security Asset Exposure(CSAE) User Guide
    • Cloud Security Posture Management(CSPM) User Guide
  • Saner COSP User Guides
    • Container Orchestration Security Platform (COSP) User Guide
    • Container Orchestration Asset Exposure(COAE) User Guide
    • Container Orchestration Posture Management(COPM) User Guide
    • Container Orchestration Posture Anomaly(COPA) Userguide
    • Container Orchestration Entitlement Management(COEM) Userguide
    • Container Orchestration Remediation Management(CORM) User Guide
  • Saner COSP Release Notes
    • Saner COSP – V.1.0.0.0 Release Notes
  • Frequently Asked Questions
    • Saner COSP Technical FAQs
    • Saner Cloud Technical FAQs

Saner CVEM

  • Saner CVEM Release Notes
    • Release Notes Saner CVEM 6.6.1
    • Release Notes Saner CVEM 6.6
    • Release Notes Saner 6.5
    • Saner Platform Integration Release: ServiceNow Integration Introduced, Freshservice Enhanced
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • SanerNow Risk Prioritization Launch
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
    • Saner CVEM
      • Release Notes Saner CVEM 6.6
  • Saner CVEM Guide
    • Prerequisites For Saner SaaS Platform Deployment
    • What’s New in Saner CVEM?
    • Getting Started with Saner CVEM
    • Pre-requisites for Saner CVEM Deployment
    • How does Saner CVEM’s deployment architecture work?
  • Saner CVEM Products
    • Overview of Saner Continuous Vulnerability and Exposure Management
    • Saner CVEM Unified Dashboard User Guide
    • Saner CVEM Asset Exposure User Guide
    • Saner CVEM Continuous Posture Anomaly Management User Guide
    • Data Points IT teams can Fetch from Saner CPAM
    • Posture Anomaly Computation Rules
    • Saner CVEM Vulnerability Management User Guide
    • Saner CVEM Compliance Management User Guide
    • Saner CVEM Risk Prioritization User Guide
    • Saner CVEM Patch Management User Guide
    • Saner CVEM Endpoint Management User Guide
    • Saner CVEM Remote Scripting User Guide
    • Saner CVEM Remote Access User Guide
    • Saner CVEM Network Scanner User Guide
    • Saner CVEM Cyber Hygiene Score User Guide
  • How Tos
    • Saner AE
      • How to blacklist and whitelist applications in Saner AE?
      • How to manage asset licenses using Saner AE?
      • How to run an asset scan using Saner AE?
    • Saner CPAM
      • How to create new response in PA tool?
      • How to build your own detection and response in PA tool?
      • How to whitelist an entire PA ID?
      • How to configure Posture Anomaly tool for custom detection?
      • How to fix Anomalies from PA dashboard?
      • How to fix anomalies detected in your account from All Anomalies Page?
      • How to fix anomalies from PA Summary page?
      • How to delete PA scan preferences?
      • How to schedule PA Scans on Daily, Weekly, and Monthly basis?
      • How to launch Posture Anomaly scans?
    • Saner VM
      • How to automate and schedule vulnerability scans?
      • How to exclude vulnerabilities in Saner VM tool
      • How to manage excluded vulnerabilities in Saner VM?
      • How to remediate vulnerabilities from vulnerability management dashboard?
    • Saner CM
      • How to run a compliance scan?
      • How to custom create a security policy?
      • How to align with PCI security compliance management?
      • How to align with NIST 800-171 security compliance management?
      • How to align with NIST 800-53 security compliance management?
      • How to align with HIPAA security compliance management using Saner CM?
    • Saner PM
      • How to fix firmware in Saner?
      • How to exclude patches in Saner PM?
      • How to manage excluded patches in Saner PM?
      • How to automate patch management in Saner PM?
      • How to roll back patches in Saner PM?
      • How to apply missing patches in Saner PM?
      • How to apply the most critical patches in Saner PM?
      • How to perform custom remediation for applications that require paid patches using Saner PM
      • How to check the status of patching activity?
    • Saner EM
      • How to collect all security events from Windows Events Log?
      • How to check password policy set in Windows systems?
      • How to check status of DEP in Windows systems?
      • How to check faulty Anti-Virus (AV) status in Windows systems?
      • How to check for Anti-Virus (AV) status in Windows systems?
      • How to check account lockout policy on Windows systems?
      • How to check if Bit-locker protection is OFF in Windows systems?
      • How to list all inactive users on Windows systems?
      • How to list all guest accounts in Windows systems?
      • How to list all Administrator accounts on Windows systems?
      • How to list last-logon details of users on Windows systems?
      • How to identify all users in Windows systems?
      • How to collect all services that are currently running in Windows systems?
      • How to list all Groups in Windows systems?
      • How to collect all keyboard and pointing devices connected to Windows systems?
      • How to collect all storage devices connected to Windows systems?
      • How to investigate total RAM or CPU threshold (greater than or equal to 80%) in Windows systems?
      • How to collect operating systems information in Windows?
      • How to investigate disks running out of space (<100 MB) in Windows systems?
      • How to collect and investigate disk information on Windows systems?
      • How to collect all installed patches in Windows systems?
      • How to collect all software patches that are hidden in the Windows Update server?
      • How to check the status of Windows Update Server (WSUS/SCCM)?
      • How to collect BIOS information such as serial number, version, manufacturer in Windows systems?
      • How to collect all the important missing patches in Windows systems?
      • How to check wireless security in Linux systems?
      • How to collect mounted disk information on Linux systems?
      • How to check wireless signal quality in Linux systems?
      • How to check all firewall policies on Linux systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Linux systems?
      • How to collect DNS information on Linux systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing in Linux?
      • How to check wireless signal quality in Windows systems?
      • How to check wireless security in Windows systems?
      • How to collect all open ports in Windows systems?
      • How to collect all network interfaces in Windows systems?
      • How to investigate DNS cache on Windows systems?
      • How to check all firewall policies on Windows systems?
      • How to collect DNS information on Windows systems?
      • How to collect all the applications with an unknown publisher in Linux systems?
      • How to perform system tuning?
      • How to collect all software licenses in Windows systems?
      • How to identify potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems?
      • How to collect a list of applications that are started when you boot your computer?
      • How to collect all the applications with an unknown publisher in Windows systems?
      • How to collect all software licenses in Mac systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing Windows?
      • How to collect all families of operating systems such as Windows, Unix, and macOS?
      • How to collect environment variables set in all operating systems?
      • How to collect all the applications with an unknown publisher in Mac systems?
      • How to delete and quarantine a file?
      • How to start and stop the processes in Saner?
      • How to block blacklisted applications in Saner?
      • How to enable/disable devices in Saner
      • How to manually import devices into Saner?
      • How to deploy software in Saner EM?
      • How to enable and disable firewall settings in Saner AE?
      • How to collect all shared resources on Windows systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Windows systems?
      • How to connect to a client machine graphically using Saner Remote Access
  • FAQs
    • Saner CVEM Technical FAQs

Security Intelligence for Saner CVEM

  • Overview of Security Content and Intelligence
  • Security Content Statistics
  • OVAL Definitions Platform Coverage
  • OVAL Definitions Class-wise Distribution
  • OVAL Definitions Family-wise Distribution
  • Application and OS Remediation Coverage
  • Compliance Benchmark Coverage
  • List of Vulnerability to Exploit/Malware Mapping covered in Saner
  • Network Scanner Product Support Matrix
  • Privilege levels for authenticated scans using Saner Network Scanner

Security Intelligence for Saner Cloud

  • Benchmark Compliance Rules in AWS, Azure, and GCP
    • GCP
      • SecPod Rules in GCP
        • SecPod Default Rules in GCP: An Overview
        • Understand SecPod Default Rules in GCP
        • Understand SecPod Global Rules in GCP
        • Understand SecPod Regional Rules in GCP
      • CIS Rules in GCP
        • CIS Benchmark Compliance Rules in GCP: An Overview
        • Understand CIS 4.0.0 Rules in GCP
        • Understand CIS 4.0.0 Global Rules in GCP
        • Understand CIS 4.0.0 Regional Rules in GCP
    • AWS
      • SecPod Rules in AWS
        • SecPod Default Rules in AWS: An Overview
        • Understand SecPod Default Rules in AWS
        • Understand SecPod Global Rules in AWS
        • Understand SecPod Regional Rules in AWS
      • PCI DSS 3.2.1 Rules in AWS
        • PCI DSS 3.2.1 Rules in AWS: An Overview
        • Understand PCI DSS 3.2.1 Rules in AWS
        • Understand PCI DSS 3.2.1 Global Rules in AWS
        • Understand PCI DSS 3.2. 1 Regional in AWS
      • CIS Rules in AWS
        • CIS Rules in AWS: An Overview
        • Understand CIS Rules in AWS
        • Understand CIS 3.0.0 Rules in AWS
        • Understand CIS 4.0.1 Rules in AWS
        • Understand CIS 4.0.0 Rules in AWS
        • Understand CIS 3.0.0 Global Rules in AWS
        • Understand CIS 4.0.0 Global Rules in AWS
        • Understand CIS 3.0.0 Regional Rules in AWS
        • Understand CIS 4.0.0 Regional Rules in AWS
      • NIST 800-53 Revision 5 Rules in AWS
        • NIST 800-53 Revision 5 Rules in AWS: An Overview
        • Understand NIST 800-53 Revision 5 Rules in AWS
        • Understand NIST 800-53 Revision 5 Global Rules in AWS
        • Understand NIST 800-53 Revision 5 Regional Rules in AWS
      • SOC 2 Rules in AWS
        • SOC 2 Rules in AWS: An Overview
        • Understand SOC 2 Rules in AWS
        • Understand SOC 2 Global Rules in AWS
        • Understand SOC 2 Regional Rules in AWS
      • HIPAA HITRUST Rules in AWS
        • HIPAA HITRUST Rules in AWS: An Overview
        • Understand HIPAA HITRUST Rules in AWS
        • Understand HIPAA HITRUST Global Rules in AWS
        • Understand HIPAA HITRRUST Regional Rules in AWS
    • Azure
      • SOC 2 Rules in Azure
        • SOC 2 Rules in Azure: An Overview
        • Understand SOC2 Rules in Azure
        • Understand SOC2 Global Rules in Azure
        • Understand SOC2 Regional Rules in Azure
      • CIS Rules in Azure
        • CIS Rules in Azure: An Overview
        • Understand CIS 1.2.0 Rules in Azure
        • Understand CIS 2.1.0 Rules in Azure
        • Understand CIS 1.1.0 Benchmark Compliance Rules in Azure
        • Understand CIS 3.0.0 Benchmark Compliance Rules in Azure
        • Understand CIS 1.2.0 Global Benchmark Compliance Rules in Azure
        • Understand CIS 2.1.0 Global Benchmark Compliance Rules in Azure
        • Understand CIS 3.0.0 Global Benchmark Compliance Rules in Azure
        • Understand CIS 2.1.0 Regional Benchmark Compliance Rules in Azure
        • Understand CIS 3.0.0 Regional Benchmark Compliance Rules in Azure
      • NIST 800-53 Revision Rules in Azure
        • NIST 800-53 Revision 5 Rules in Azure: An Overview
        • Understand NIST 800-53 Revision 5 Rules in Azure
        • Understand NIST 800-53 Revision 5 Global Rules in Azure
        • Understand NIST 800-53 Revision 5 Regional Rules in Azure
      • SecPod Rules in Azure
        • SecPod Default Rules in Azure: An Overview
        • Understand SecPod Global Rules in Azure
        • Understand SecPod Regional Rules in Azure
        • Understand SecPod Default Rules in Azure
      • HIPAA HITRUST Rules in Azure
        • HIPAA HITRUST Rules in Azure: An Overview
        • Understand HIPAA HITRUST 14.7.0 Rules in Azure
        • Understand HIPAA HITRUST 14.7.0 Global Rules in Azure
        • Understand HIPAA HITRUST 14.7.0 Regional Rules in Azure
      • PCI DSS Rules in Azure
        • PCI DSS 3.2.1 Rules in Azure: An Overview
        • Understand PCI DSS 4.0 Rules in Azure
        • Understand PCI DSS 4.0 Global Rules in Azure
        • Understand PCI DSS 4.0 Regional Rules in Azure
  • Posture Anomaly Checks in AWS, Azure, and GCP
    • Implementing Posture Anomaly Checks in AWS
    • Implementing Posture Anomaly Checks in Azure
    • Implementing Posture Anomaly Checks in GCP
  • Infrastructure Entitlement Checks in AWS, Azure, and GCP
    • Implementing Infrastructure Entitlement Checks in AWS
    • Implementing Infrastructure Entitlement Checks in Azure
    • Implementing Infrastructure Entitlement Checks in GCP
View Categories
  • Home
  • Docs
  • Security Intelligence for Saner Cloud
  • Benchmark Compliance Rules in AWS, Azure, and GCP
  • GCP
  • SecPod Rules in GCP
  • Understand SecPod Default Rules in GCP

Understand SecPod Default Rules in GCP

Print Friendly, PDF & Email

Interpretation of the Columns in Benchmark Compliance Rules:

Rule ID: A unique identifier for the specific security rule or check

Title: A brief description of the security issue or misconfiguration

Severity — Low to High: Determines the risk of being exposed to attacks

Service Type: The AWS service affected or evaluated by the rule

Resource Type: The specific AWS resource being audited

Rule IDTitleSeverityService TypeResource Type
CSPM-GCP-2025-0001Enable Deletion Protection for VM InstancesHighComputeEngineVMInstances
CSPM-GCP-2025-0002-01OS Login Disabled on Compute InstancesMediumComputeEngineVMInstances
CSPM-GCP-2025-0002-02OS Login Disabled on Project MetadataMediumComputeEngineGlobalVMInstances
CSPM-GCP-2025-0003Datasets Publicly AccessibleCriticalBigQueryDatasets
CSPM-GCP-2025-0004Dataset Not Encrypted with CMKsMediumBigQueryDatasets
CSPM-GCP-2025-0005Instance Allows Root Login from Any HostCriticalCloud SQL GlobalCloudSQL Users
CSPM-GCP-2025-0006Cloud SQL Missing Automated BackupMediumCloud SQLInstances
CSPM-GCP-2025-0007Cloud SQL Accessible from Public RangesCriticalCloud SQLInstances
CSPM-GCP-2025-0008Cloud SQL Public Internet AccessCriticalCloud SQLInstances
CSPM-GCP-2025-0010Cloud SQL Not Enforcing TLS/SSLHighCloud SQLInstances
CSPM-GCP-2025-0011Missing Backup ProtectionHighCloud SQLInstances
CSPM-GCP-2025-0012Cloud SQL Public Internet AccessCriticalCloud SQLInstances
CSPM-GCP-2025-0013MySQL Local Infile EnabledHighCloud SQLInstances
CSPM-GCP-2025-0015PostgreSQL Log Connections OffMediumCloud SQLInstances
CSPM-GCP-2025-0018Log Min Duration Statement Not SetMediumCloud SQLInstances
CSPM-GCP-2025-0020SQL Server Remote Access EnabledHighCloud SQLInstances
CSPM-GCP-2025-0021Contained DB Authentication EnabledHighCloud SQLInstances
CSPM-GCP-2025-0022Cross DB Ownership Chaining EnabledHighCloud SQLInstances
CSPM-GCP-2025-0023Storage Bucket Public AccessCriticalCloud Storage GlobalBucketPolicy
CSPM-GCP-2025-0027Uniform Bucket Access DisabledHighCloud StorageBuckets
CSPM-GCP-2025-0028Insecure Default Firewall RulesHighNetwork SecurityFirewalls
CSPM-GCP-2025-0029Firewall Allows All PortsCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0030Unrestricted DNS Firewall AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0031Unrestricted FTP Firewall AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0035Project-wide SSH Keys EnabledHighComputeEngineVMInstances
CSPM-GCP-2025-0036Serial Port Access EnabledHighComputeEngineVMInstances
CSPM-GCP-2025-0037Default Service Account UsedHighComputeEngineVMInstances
CSPM-GCP-2025-0041Ensure That IP Forwarding Is Not Enabled on InstancesMediumComputeEngineVMInstances
CSPM-GCP-2025-0044Shielded VM DisabledHighComputeEngineVMInstances
CSPM-GCP-2025-0056Cloud Functions HTTP AccessMediumCloud FunctionsFunctions
CSPM-GCP-2025-0058Cloud Function Public AccessCriticalCloud FunctionsFunctions
CSPM-GCP-2025-0062Non-Workspace Account in UseMediumIAMPolicies
CSPM-GCP-2025-0063Service Account Keys Not RotatedHighIAMKeys
CSPM-GCP-2025-0069Service Account Admin PrivilegesCriticalIAMIAM
CSPM-GCP-2025-0071User-Managed SA KeysCriticalIAMKeys
CSPM-GCP-2025-0073KMS Keys Publicly AccessibleCriticalCloud KMS GlobalPolicies
CSPM-GCP-2025-0074KMS Rotation MissingMediumCloud KMSKeys
CSPM-GCP-2025-0075GKE Basic Auth EnabledHighKubernetes EngineClusters
CSPM-GCP-2025-0082Missing Master Authorized NetworksHighKubernetes EngineClusters
CSPM-GCP-2025-0094GKE Legacy Authorization EnabledHighKubernetes EngineClusters
CSPM-GCP-2025-0103Redis AUTH DisabledHighCloud MemorystoreRedisInstances
CSPM-GCP-2025-0105Missing Log Metric (Audit Changes)HighLoggingMetrics
CSPM-GCP-2025-0128Privileged SA Roles AssignedCriticalIAMIAM
CSPM-GCP-2025-0130Cloud Storage Public BucketCriticalCloud Storage GlobalBucketPolicy
CSPM-GCP-2025-0189Unrestricted SSH Port 22CriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0262Unrestricted RDPCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0275Unrestricted Egress All PortsCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0282Kubernetes API Server ExposedCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0113Ensure that sinks are configured for all Log EntriesMediumLoggingSinks
CSPM-GCP-2025-0114Alerts doesn’t exist for audit configuration changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0115Alerts doesn’t exist for cloud storage IAM permission changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0116Alerts doesn’t exist for Custom Role ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0117Alerts doesn’t exist for project ownership assignments/changesHighMonitoringAlertPolicies
CSPM-GCP-2025-0118Alerts doesn’t exist for SQL Instance Configuration ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0119Alerts don’t exist for VPC Network ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0120Alerts don’t exist for VPC Network Firewall Rule ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0121Alerts don’t exist for VPC Network Route ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0071User-Managed Service Account KeysCriticalIAMKeys
CSPM-GCP-2025-0114Alerts doesn’t exist for Audit Configuration changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0113Ensure that sinks are Configured for All Log EntriesMediumLoggingSinks
CSPM-GCP-2025-0115Alerts doesn’t exist for Cloud Storage IAM Permission ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0116Alerts doesn’t exist for Custom Role changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0117Alerts don’t exist for Project Ownership Assignments/ChangesHighMonitoringAlertPolicies
CSPM-GCP-2025-0118Alerts don’t exist for SQL Instance Configuration ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0119Alerts Don’t exist for VPC Network ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0120Alerts don’t exist for VPC Network Firewall Rule ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0121Alerts don’t exist for VPC Network Route ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0009MySQL Instances with Binary Logging DisabledMediumCloud SQLInstances
CSPM-GCP-2025-0014Log Checkpoints Database Flag for PostgreSQL Instance Is offMediumCloud SQLVMInstances
CSPM-GCP-2025-0016Log Disconnections Database Flag for PostgreSQL Instance Is offMediumCloud SQLInstances
CSPM-GCP-2025-0017Log Lock Waits Database Flag for PostgreSQL Instance Is offMediumCloud SQLInstances
CSPM-GCP-2025-0018Log Min Duration Statement Database Flag for PostgreSQL Instance Is Not Set to -1MediumCloud SQLInstances
CSPM-GCP-2025-0019Log Min Error Statement Database Flag for PostgreSQL Instance Is Not Set to ERRORMediumCloud SQLInstances
CSPM-GCP-2025-0020SQL Server Instances with Remote Access EnabledHighCloud SQLInstances
CSPM-GCP-2025-0024Cloud Storage Buckets with Access Logging DisabledMediumCloud StorageBuckets
CSPM-GCP-2025-0025Cloud Storage Private Access Prevention not enforcedHighCloud StorageBuckets
CSPM-GCP-2025-0024Cloud Storage Buckets with access logging disabledMediumCloud StorageBuckets
CSPM-GCP-2025-0025Cloud Storage Private Access Prevention not enforcedHighCloud StorageBuckets
CSPM-GCP-2025-0026Cloud Storage Buckets without Object VersioningMediumCloud StorageBuckets
CSPM-GCP-2025-0027Cloud Storage Buckets Without Uniform Bucket-Level AccessHighCloud StorageBuckets
CSPM-GCP-2025-0028VPC using Insecure Default Firewall RulesHighNetwork SecurityFirewalls
CSPM-GCP-2025-0029VPC Firewall Rules allowing All Ports ExposedCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0030Firewall Rule allows unrestricted DNS AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0031Firewall Rule allows Unrestricted FTP AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0032Firewall Rule allows Unrestricted ICMP AccessMediumNetwork SecurityFirewalls
CSPM-GCP-2025-0033Firewall Rule allows Unrestricted Access to Custom PortsHighNetwork SecurityFirewalls
CSPM-GCP-2025-0044Shielded VM DisabledHighComputeEngineVMInstances
CSPM-GCP-2025-0045Instance without deletion protectionMediumComputeEngineVMInstances
CSPM-GCP-2025-0051Old Instance Disk SnapshotMediumComputeEngineGlobalSnapshots
CSPM-GCP-2025-0056Cloud Functions not enforcing HTTPS-Only AccessMediumCloud FunctionsFunctions
CSPM-GCP-2025-0057Potential Secrets in Function Environment Variables (Gen 1)HighCloud FunctionsFunctions
CSPM-GCP-2025-0059GEN_1 Cloud Functions Exposed with Public AccessCriticalCloud FunctionsFunctions
CSPM-GCP-2025-0060Secret Manager API is “Disabled” for your ProjectMediumService UsageEnabledServices
CSPM-GCP-2025-0062Gmail/Non-Workspace Account in useMediumIAMPolicies
CSPM-GCP-2025-0063Lack of User-Managed Service Account Key RotationHighIAMKeys
CSPM-GCP-2025-0069Service Account with Admin PrivilegesCriticalIAMIAM
CSPM-GCP-2025-0071User-Managed Service Account KeysCriticalIAMKeys
CSPM-GCP-2025-0072User with Privileged Service Account Roles at the Project LevelCriticalIAMIAM
CSPM-GCP-2025-0073Cloud KMS Cryptographic Keys Exposed to Public AccessCriticalCloud KMS GlobalPolicies
CSPM-GCP-2025-0074KMS Encryption Not Rotated within 90 DaysMediumCloud KMSCryptoKeys
CSPM-GCP-2025-0074-01KMS Encryption Not Rotated within 90 DaysMediumCloud KMSKeys
CSPM-GCP-2025-0074-02KMS Encryption Not Rotated within 90 DaysMediumCloud KMS GlobalKeys
CSPM-GCP-2025-0075GKE Clusters with Basic Authentication EnabledHighKubernetes EngineClusters
CSPM-GCP-2025-0076GKE Clusters with Certificate-Based Authentication EnabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0077GKE Clusters Without Alias IP (IP Aliasing) EnabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0078GKE Clusters Without Application-Layer Secrets EncryptionHighKubernetes EngineClusters
CSPM-GCP-2025-0079GKE Clusters Without Binary Authorization ProtectionMediumKubernetes EngineClusters
CSPM-GCP-2025-0080GKE Clusters Missing Resource LabelsMediumKubernetes EngineClusters
CSPM-GCP-2025-0081GKE Clusters with Logging DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0082GKE Clusters Without Master Authorized Networks ProtectionHighKubernetes EngineClusters
CSPM-GCP-2025-0083Workload Metadata Configuration DisabledHighKubernetes EngineClusters
CSPM-GCP-2025-0084GKE Clusters with Monitoring DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0085GKE Clusters Without Network Policy EnforcementHighKubernetes EngineClusters
CSPM-GCP-2025-0086Pod Security Policy DisabledHighKubernetes EngineClusters
CSPM-GCP-2025-0087GKE Clusters with Public Master Endpoints ExposedHighKubernetes EngineClusters
CSPM-GCP-2025-0088Private Google Access DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0089GKE Clusters Not Enrolled in Release ChannelMediumKubernetes EngineClusters
CSPM-GCP-2025-0090Shielded GKE Nodes Disabled on ClustersHighKubernetes EngineClusters
CSPM-GCP-2025-0091Workload identity disabledHighKubernetes EngineClusters
CSPM-GCP-2025-0092Kubernetes Dashboard EnabledHighKubernetes EngineClusters
CSPM-GCP-2025-0093Default Service Account in Use for GKE NodesHighKubernetes EngineNodePools
CSPM-GCP-2025-0094GKE Clusters Using Legacy Authorization ModeHighKubernetes EngineClusters
CSPM-GCP-2025-0095GKE Clusters Using Legacy Metadata API EndpointsHighKubernetes EngineNodePools
CSPM-GCP-2025-0096Nodes with Auto-Repair DisabledMediumKubernetes EngineNodePools
CSPM-GCP-2025-0097Nodes with Auto-Upgrade DisabledMediumKubernetes EngineNodePools
CSPM-GCP-2025-0098Lack of Container-Optimized OS Node ImagesMediumKubernetes EngineNodePools
CSPM-GCP-2025-0099Nodes with Integrity Monitoring DisabledMediumKubernetes EngineNodePools
CSPM-GCP-2025-0100Nodes with Secure Boot DisabledHighKubernetes EngineNodePools
CSPM-GCP-2025-0101Private Cluster Nodes DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0102Excessive OAuth Scopes on Default Service AccountMediumKubernetes EngineNodePools
CSPM-GCP-2025-0105Log Metric Filter Doesn’t Exist for Audit Configuration ChangesHighLoggingMetrics
CSPM-GCP-2025-0106Log Metric Filter Doesn’t Exist for Storage Bucket IAM Permission ChangesMediumLoggingMetrics
CSPM-GCP-2025-0107Log Metric Filter Doesn’t Exist for Custom Role ChangesMediumLoggingMetrics
CSPM-GCP-2025-0108Log Metric Filter Doesn’t Exist for Project Ownership Assignments/ChangesMediumLoggingMetrics
CSPM-GCP-2025-0109Log Metric Filter Doesn’t Exist for SQL Instance Configuration ChangesMediumLoggingMetrics
CSPM-GCP-2025-0110Log Metric Filter Doesn’t Exist for VPC Network Firewall Rule ChangesMediumLoggingMetrics
CSPM-GCP-2025-0111Log Metric Filter Doesn’t Exist for VPC Network Route ChangesMediumLoggingMetrics
CSPM-GCP-2025-0112Log Metric Filter Doesn’t Exist for VPC Network ChangesMediumLoggingMetrics
CSPM-GCP-2025-0113Ensure That Sinks Are Configured for All Log EntriesMediumLoggingSinks
CSPM-GCP-2025-0114Alerts Doesn’t Exist for Audit Configuration ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0115Alerts Doesn’t Exist for Cloud Storage IAM Permission ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0116Alerts Doesn’t Exist for Custom Role ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0117Alerts Doesn’t Exist for Project Ownership Assignments/ChangesHighMonitoringAlertPolicies
CSPM-GCP-2025-0118Alerts Doesn’t Exist for SQL Instance Configuration ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0119Alerts Doesn’t Exist for VPC Network ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0120Alerts Doesn’t Exist for VPC Network Firewall Rule ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0121Alerts Doesn’t Exist for VPC Network Route ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0123Compute Secure Boot DisabledHighComputeEngineVMInstances
CSPM-GCP-2025-0124Compute Instance Automatic Restart DisabledMediumComputeEngineVMInstances
CSPM-GCP-2025-0125Compute Instance On Host Maintenance Not Set to MigrateMediumComputeEngineVMInstances
CSPM-GCP-2025-0126Compute Instance Persistent Disk Auto-Delete EnabledHighComputeEngineVMInstances
CSPM-GCP-2025-0127Preemptible VM Instance DetectedMediumComputeEngineVMInstances
CSPM-GCP-2025-0128User with Privileged Service Account Roles at the Project LevelCriticalIAMIAM
CSPM-GCP-2025-0129Essential Contacts Not ConfiguredMediumCloud Resource ManagerContacts
CSPM-GCP-2025-0132Dataproc Cluster Full Encryption with Customer-Managed Keys (kmsKey) Not ConfiguredMediumDataprocDataprocClusters
CSPM-GCP-2025-0133Table Not Encrypted with Customer-Managed Keys (CMKs)MediumBigQueryTables
CSPM-GCP-2025-0134Dataproc Clusters Are Publicly AccessibleCriticalDataprocDataprocClusters
CSPM-GCP-2025-0135Ensure that your Google Cloud Filestore instances have Deletion Protection feature enabledMediumFilestoreFilestoreInstances
CSPM-GCP-2025-0136Essential Contacts Not ConfiguredMediumCloud Resource ManagerContacts
CSPM-GCP-2025-0137Essential Contacts Not Configured with Required Notification CategoriesMediumCloud Resource ManagerContacts
CSPM-GCP-2025-0139Project-Level Essential Contacts Missing Critical Notification CategoriesMediumIAMContacts
CSPM-GCP-2025-0140Essential Contacts Not Configured at Folder LevelMediumIAMContacts
CSPM-GCP-2025-0141Folder-Level Essential Contacts Missing Critical Notification CategoriesMediumIAMContacts
CSPM-GCP-2025-0142Ensure That Cloud Audit Logging Is Configured ProperlyMediumIAMAudit
CSPM-GCP-2025-0143Ensure That Cloud Audit Logging Is Configured Properly at Project LevelMediumIAMAudit
CSPM-GCP-2025-0144Ensure That Cloud Audit Logging Is Configured Properly at Folder LevelMediumIAMAudit
CSPM-GCP-2025-0146Firewall Rule Allows Unrestricted MySQL AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0147Firewall Rule Allows Unrestricted Oracle Database AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0148Firewall Rule Allows Unrestricted TCP/UDP Access on All PortsCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0149Firewall Rule Allows Unrestricted PostgreSQL AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0150GKE Clusters Without Intranode Visibility EnabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0151Alpha GKE Cluster in UseHighKubernetes EngineClusters
CSPM-GCP-2025-0152GKE Cluster Cost Allocation DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0153GKE Cluster Backup for GKE DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0154GKE Clusters Without gVisor Sandbox ProtectionHighKubernetes EngineNodePools
CSPM-GCP-2025-0155GKE Confidential Nodes Not Enabled Due to Incompatible Machine TypeMediumKubernetes EngineNodePools
CSPM-GCP-2025-0156GKE N2D Nodes Without Confidential Computing EnabledMediumKubernetes EngineNodePools
CSPM-GCP-2025-0157GKE Dataplane V2 Not Enabled for Inter-Node EncryptionMediumKubernetes EngineClusters
CSPM-GCP-2025-0158GKE Workload Vulnerability Scanning DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0159GKE Security Posture Dashboard DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0160GKE Inter-Node Transparent Encryption DisabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0161GKE Cluster Security Notifications Not ConfiguredMediumKubernetes EngineClusters
CSPM-GCP-2025-0162MySQL Instances Running Outdated Database VersionMediumCloud SQLInstances
CSPM-GCP-2025-0164MySQL Skip Show Database Flag Not EnabledLowCloud SQLInstances
CSPM-GCP-2025-0165MySQL Slow Query Logging DisabledMediumCloud SQLInstances
CSPM-GCP-2025-0166PostgreSQL Instances Running Outdated Database VersionHighCloud SQLInstances
CSPM-GCP-2025-0167PostgreSQL Log Error Verbosity MisconfiguredMediumCloud SQLInstances
CSPM-GCP-2025-0168Log Min Messages Flag Not Properly Configured for PostgreSQL InstanceMediumCloud SQLInstances
CSPM-GCP-2025-0169Log Statement Flag Not Properly Configured for PostgreSQL InstanceMediumCloud SQLInstances
CSPM-GCP-2025-0170Max Connections Flag Not Properly Configured for PostgreSQL InstanceMediumCloud SQLInstances
CSPM-GCP-2025-0171PostgreSQL Log Planner Stats Flag EnabledMediumCloud SQLInstances
CSPM-GCP-2025-0172PostgreSQL Log Executor Stats Flag EnabledMediumCloud SQLInstances
CSPM-GCP-2025-0173PostgreSQL Log Parser Stats Flag EnabledLowCloud SQLInstances
CSPM-GCP-2025-0174PostgreSQL Log Statement Stats Flag EnabledMediumCloud SQLInstances
CSPM-GCP-2025-0175PostgreSQL Temporary File Logging DisabledMediumCloud SQLInstances
CSPM-GCP-2025-0176PostgreSQL PGAudit Extension Not EnabledMediumCloud SQLInstances
CSPM-GCP-2025-0177PostgreSQL Hostname Logging DisabledLowCloud SQLInstances
CSPM-GCP-2025-0178PostgreSQL Hostname Logging DisabledMediumCloud SQLInstances
CSPM-GCP-2025-0179User Connections Flag Configured for SQL Server InstanceMediumCloud SQLInstances
CSPM-GCP-2025-0180SQL Server External Scripts Execution EnabledHighCloud SQLInstances
CSPM-GCP-2025-0181SQL Server Trace Flag 3625 Not EnabledMediumCloud SQLInstances
CSPM-GCP-2025-0185Firewall Rule Allows Unrestricted RPC TCP Port 135 AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0186Firewall Rule Allows Unrestricted Redis TCP Port 6379 AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0187Firewall Rule Allows Unrestricted SMTP TCP Port 25 AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0188Firewall Rule Allows Unrestricted Microsoft SQL Server TCP Port 1433 AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0189Firewall Rule Allows Unrestricted SSH TCP Port 22 AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0190Firewall Rule Allows Unrestricted Access on Range of PortsHighNetwork SecurityFirewalls
CSPM-GCP-2025-0191Ensure GCP Firewall Ingress Rules Specify Port RestrictionsHighNetwork SecurityFirewalls
CSPM-GCP-2025-0192Enable VPC Firewall Rule LoggingMediumNetwork SecurityFirewalls
CSPM-GCP-2025-0193Ensure that VPC Network Firewall logging does not use INCLUDE_ALL_METADATAMediumNetwork SecurityFirewalls
CSPM-GCP-2025-0194Ensure VPC Network Firewall Rules Do Not Allow Inbound Traffic on High-Risk Ports from Unrestricted SourcesHighNetwork SecurityFirewalls
CSPM-GCP-2025-0195Firewall Rule Allows Unrestricted Access through “NFS” Well-Known PortCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0196Firewall rule Allows Unrestricted Access through “DNS” Well-Known Port (53)HighNetwork SecurityFirewalls
CSPM-GCP-2025-0197Firewall rule Allows Unrestricted Access through “MongoDB” Well-Known Port (27017)CriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0198Firewall rule Allows Unrestricted Access through “PostgreSQL” Well-Known Port (5432)CriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0199Allows Access through Port Telnet (23) from Unrestricted SourcesCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0262Ensure That RDP Access Is Restricted From the InternetCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0263Firewall Rule Allows Unrestricted LDAP/LDAPS AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0264Firewall Rule Allows Unrestricted RDP AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0265Firewall Rule Allows Unrestricted VNC AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0266API Keys Should Only Exist for Active ServicesHighAPI KeysAPI Keys
CSPM-GCP-2025-0267API Key API Restrictions Not SetHighAPI KeysAPI Keys
CSPM-GCP-2025-0268API Key Application Restrictions Not SetHighAPI KeysAPI Keys
CSPM-GCP-2025-0269Ensure API Keys Are Restricted to Only APIs That Application Needs AccessHighAPI KeysAPI Keys
CSPM-GCP-2025-0270Ensure API Keys Are Rotated Every 90 DaysMediumAPI KeysAPI Keys
CSPM-GCP-2025-0272Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIsHighComputeEngineVMInstances
CSPM-GCP-2025-0274Ensure Cloud Audit Logging Includes DATA_READ, DATA_WRITE, and ADMIN_READ Log Types at Project LevelMediumIAMPolicies
CSPM-GCP-2025-0275Firewall Rule Allows Unrestricted Egress to All PortsCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0276Firewall Rule Allows Unrestricted Memcached AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0277Firewall Rule Allows Unrestricted Docker API AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0278Ensure Access Approval for Project-Level Resources Uses Corporate Email Addresses Instead of Consumer AccountsMediumCloud Resource ManagerApprovalRequests
CSPM-GCP-2025-0279Ensure Access Approval API Is Used for Project-Level ResourcesMediumCloud Resource ManagerApprovalRequests
CSPM-GCP-2025-0280Ensure Cloud Asset Inventory Is EnabledMediumService UsageEnabledServices
CSPM-GCP-2025-0281Ensure Access Approval and Access Transparency APIs are enabled for Project-Level ResourcesMediumCloud Resource ManagerApprovalRequests
CSPM-GCP-2025-0282Firewall Rule Allows Unrestricted Kubernetes API Server AccessCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0301Use Customer-Managed Encryption Keys (CMEKs) to encrypt data at rest within your Filestore instancesMediumFilestoreFilestoreInstances
CSPM-GCP-2025-0302Configure maintenance windows for Redis instances to ensure controlled patching and updatesMediumCloud MemorystoreRedisInstances
CSPM-GCP-2025-0303Configure maintenance windows for Memcache instances to ensure controlled patching and updatesMediumCloud MemorystoreMemcacheInstances
CSPM-GCP-2025-0304Configure maintenance windows for Redis clusters to ensure controlled patching and updatesMediumCloud MemorystoreRedisClusters
CSPM-GCP-2025-0305Configure maintenance windows for Valkey instances to ensure controlled patching and updatesMediumCloud MemorystoreValkeyInstances
CSPM-GCP-2025-0306Redis Instance Has Read Replicas DisabledMediumCloud MemorystoreRedisInstances
CIEM-GCP-2025-0001Inactive groupsCriticalIAMGroups
CIEM-GCP-2025-0002Inactive usersCriticalIAMUsers
CIEM-GCP-2025-0003Empty groupsCriticalIAMGroups
CIEM-GCP-2025-0004Delete folders that do not have ownershipCriticalIAMFolders
CIEM-GCP-2025-0005Delete projects that do not have ownershipCriticalIAMPolicies
CIEM-GCP-2025-0006Service account keys must be rotated after 30 daysCriticalIAMKeys
CIEM-GCP-2025-0007Delete inactive service accountCriticalIAMServiceAccounts

Share This Article :

  • X
  • LinkedIn
Still stuck? How can we help?

Saner Documentation Feedback

SecPod Default Rules in GCP: An OverviewUnderstand SecPod Global Rules in GCP
Copyright 2026 - SecPod. All Rights Reserved. Privacy Policy.
SanerNow Version 6.5.x