Interpretation of the Columns in Benchmark Compliance Rules:

- Rule ID: A unique identifier for the specific security rule or check
- Title: A brief description of the security issue or misconfiguration
- Severity — Low to High: Determines the risk of being exposed to attacks
- Service Type: The AWS service affected or evaluated by the rule
- Resource Type: The specific AWS resource being audited

| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-AWS-2024-0004 | Clear-Text Origin, potential to expose sensitive data in AWS CloudFront Content Distributions | Medium | CloudFront | Distributions |
| CSPM-AWS-2024-0068 | Password Expiration Threshold is not configured or exceeds the Specified Limit | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0069 | The Minimum Password Length for IAM is short. | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0070 | Password Expiration Disabled | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0071 | Password Policy does not mandate lowercase characters | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0072 | Password Policy does not mandate a number | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0073 | Password Policy does not mandate a symbol | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0074 | Password Policy does not mandate uppercase characters | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0075 | Password Policy allows reuse of passwords | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0084 | Inadequate key rotation for 90 Days | Medium | IAM | AccessKey |
| CSPM-AWS-2024-0091 | User without MFA | Medium | IAM | Users |
| CSPM-AWS-2024-0161 | Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Medium | IAM | CredentialReport |
| CSPM-AWS-2024-0276 | Elasticsearch domains should have encryption at-rest enabled | Medium | ES | ElasticSearchDomain |
| CSPM-AWS-2024-0078 | No MFA for Root Account | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0077 | No MFA for Root Account | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0159 | IAM Managed policies should not allow full "*" administrative privileges | High | IAM | Policies |
| CSPM-AWS-2024-0079 | Root account used recently | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0161 | User without MFA, Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Medium | IAM | CredentialReport |
| CSPM-AWS-2024-0091 | User without MFA, Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Medium | IAM | CredentialReport |
| CSPA-AWS-2024-0028 | User without MFA, Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Medium | IAM | CredentialReport |
| CSPM-AWS-2024-0389 | AWS WAF web ACL logging should be enabled | Low | WAFv2 | WebACL |
| CSPM-AWS-2024-0218 | DynamoDB tables should have point-in-time recovery enabled | Medium | DynamoDB | DynamoDBTable |
| CSPM-AWS-2024-0321 | Network Firewall should have deletion protection enabled | Medium | NetworkFirewall | Firewall |
| CSPM-AWS-2024-0169 | Verify that there are no active access keys associated with the root user account | Critical | IAM | Account Summary |
