View Categories

Implementing SecPod Global Rules in AWS

Print Friendly, PDF & Email
BenchmarkRule IDTitleService TypeResource Type
SecPod_GlobalCSPM-AWS-2024-0004Clear-Text Origin, a potential to expose sensitive data in AWS CloudFront Content DistributionsCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0005Insecure Origin TLS/SSL, a potential to expose sensitive data in AWS CloudFront Content DistributionsCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0006Inadequate Viewer Security Policy, a potential to expose sensitive data in AWS CloudFront Content DistributionsCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0055IAM Group uses Inline Policies instead of Managed PoliciesIAMPolicy
SecPod_GlobalCSPM-AWS-2024-0056IAM Group with No UsersIAMGroup
SecPod_GlobalCSPM-AWS-2024-0066Managed Policy Not Attached to Any EntityIAMManagedPolicy
SecPod_GlobalCSPM-AWS-2024-0067No Authorized User Is Allowed to Handle Issues with Amazon SupportIAMPolicies
SecPod_GlobalCSPM-AWS-2024-0068Passwords Expiration Threshold Is Not Configured Or Exceeds The Specified LimitIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0069The Minimum Password Length for IAM is Short.IAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0070Password Expiration DisabledIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0071Password Policy Does Not Mandate Lowercase CharactersIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0072Password Policy Does Not Mandate a NumberIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0073Password Policy Does Not Mandate a SymbolIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0074Password Policy Does Not Mandate Uppercase CharactersIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0075Password Policy Allows Reuse of PasswordsIAMAccountPasswordPolicy
SecPod_GlobalCSPM-AWS-2024-0076IAM Role uses Inline Policies instead of Managed PoliciesIAMPolicy
SecPod_GlobalCSPM-AWS-2024-0077No Hardware MFA for Root AccountIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0078No MFA for Root AccountIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0079Root Account Used RecentlyIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0080Root Account Has Active X.509 CertsIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0081X.509 Certificates Are Active for Root AccountIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0082Password-Enabled Service UserIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0084Inadequate Key Rotation for 90 DaysIAMAccessKey
SecPod_GlobalCSPM-AWS-2024-0085IAM User is Not in Category GroupIAMGroups
SecPod_GlobalCSPM-AWS-2024-0086IAM User is Not in Common GroupIAMGroups
SecPod_GlobalCSPM-AWS-2024-0088User Holding Multiple API KeysIAMAccessKey
SecPod_GlobalCSPM-AWS-2024-0089User with Enabled Keys and PasswordIAMAccessKey
SecPod_GlobalCSPM-AWS-2024-0091User without MFAIAMUsers
SecPod_GlobalCSPM-AWS-2024-0123Route53 Domain Auto-Renewal is Not EnabledRoute53DomainsDomain
SecPod_GlobalCSPM-AWS-2024-0124Route53 Domain Transfer is Not LockedRoute53DomainsDomain
SecPod_GlobalCSPM-AWS-2024-0159IAM Managed policies should not allow full “*” administrative privilegesIAMPolicies
SecPod_GlobalCSPM-AWS-2024-0161Multi-factor authentication (MFA) not enabled for all IAM users that have a console passwordIAMCredentialReport
SecPod_GlobalCSPM-AWS-2024-0169Verify that there are no active access keys associated with the root user accountIAMAccountSummary
SecPod_GlobalCSPM-AWS-2024-0171Security contact information should be provided for an AWS account.AccountContactInformation
SecPod_GlobalCSPM-AWS-2024-0172AWS account should be part of an AWS Organizations organizationAccountOrganizations
SecPod_GlobalCSPM-AWS-2024-0188CloudFront distributions should have a default root object configuredCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0189CloudFront distributions should not point to non-existent S3 originsCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0190CloudFront distributions should have origin failover configuredCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0191CloudFront distributions should have logging enabledCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0192CloudFront distributions should have WAF enabledCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0193CloudFront distributions should use custom SSL/TLS certificatesCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0194CloudFront distributions should use SNI to serve HTTPS requestsCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0195CloudFront distributions should encrypt traffic to custom originsCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0269Application Load Balancers should be associated with an AWS WAF web ACLWAFv2ApplicationLoadBalancer
SecPod_GlobalCSPM-AWS-2024-0289IAM customer managed policies that you create should not allow wildcard actions for servicesIAMPolicy
SecPod_GlobalCSPM-AWS-2024-0291IAM customer managed policies should not allow decryption actions on all KMS keysKMSPolicy
SecPod_GlobalCSPM-AWS-2024-0362Route 53 public hosted zones should log DNS queriesRoute53HostedZone
SecPod_GlobalCSPM-AWS-2024-0387AWS WAF Classic Global Web ACL logging should be enabledWAFWebACL
SecPod_GlobalCSPM-AWS-2024-0388AWS WAF web ACLs should have at least one rule or rule groupWAFv2WebACL
SecPod_GlobalCSPM-AWS-2024-0389AWS WAF web ACL logging should be enabledWAFv2WebACL
SecPod_GlobalCSPM-AWS-2024-0390AWS WAF rules should have CloudWatch metrics enabledWAFv2WebACL
SecPod_GlobalCSPM-AWS-2024-0391AWS WAF Classic Regional rules should have at least one conditionWAFRegionalRule
SecPod_GlobalCSPM-AWS-2024-0392AWS WAF Classic Regional rule groups should have at least one ruleWAFRegionalRuleGroup
SecPod_GlobalCSPM-AWS-2024-0393AWS WAF Classic Regional web ACLs should have at least one rule or rule groupWAFRegionalWebACL
SecPod_GlobalCSPM-AWS-2024-0394AWS WAF Classic global rules should have at least one conditionWAFRule
SecPod_GlobalCSPM-AWS-2024-0395AWS WAF Classic global rule groups should have at least one ruleWAFRuleGroup
SecPod_GlobalCSPM-AWS-2024-0396AWS WAF Classic global web ACLs should have at least one rule or rule groupWAFWebACL
SecPod_GlobalCSPM-AWS-2024-0399Codebuild With Administrator RoleCodeBuildBuildProjects
SecPod_GlobalCSPM-AWS-2024-0400IAM Role Without External IDIAMRole
SecPod_GlobalCSPM-AWS-2024-0426Detect and Respond to Deactivated MFA Devices in AWSIAMMFADevices
SecPod_GlobalCSPM-AWS-2024-0428Ensure Secure Server Certificate Signature AlgorithmIAMUser
SecPod_GlobalCSPM-AWS-2024-0429-01Ensure Approved Access to ECS Execute Command (Inline Policy)IAMRole
SecPod_GlobalCSPM-AWS-2024-0429-02Ensure Approved Access to ECS Execute Command (Managed Policy)IAMRole
SecPod_GlobalCSPM-AWS-2024-0494Sender Policy Framework (SPF) in UseRoute53HostedZones
SecPod_GlobalCSPM-AWS-2024-0495Enable DNSSEC Signing for Route 53 Hosted ZonesRoute53HostedZones
SecPod_GlobalCSPM-AWS-2024-0501Ensure Existence of IAM UsersIAMUser
SecPod_GlobalCSPM-AWS-2024-0505Detect Unused IAM UsersIAMUsers
SecPod_GlobalCSPM-AWS-2024-0517Ensure CloudFront is EnabledCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0518Enforce Use of CloudFront for Content DeliveryCloudFrontDistributions
SecPod_GlobalCSPM-AWS-2024-0536Ensure Current Contact Details are MaintainedAccountContactInformation
SecPod_GlobalCSPM-AWS-2024-0541Ensure Shield Advanced is EnabledShieldShieldAdvancedSubscription
SecPod_GlobalCSPM-AWS-2024-0548Ensure AWS Organizations All Features is EnabledOrganizationOrganization
SecPod_GlobalCSPM-AWS-2024-0582Ensure Route 53 Domains Have Privacy Protection EnabledRoute53DomainsDomain
SecPod_GlobalCSPM-AWS-2024-0588Ensure CloudFront Geo Restriction is EnabledCloudFrontDistributions