Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-AWS-2024-0023 | Unencrypted EBS Volume irrespective of its state | High | EC2 | Volumes |
| CSPM-AWS-2024-0092 | Rotation disabled for KMS Symmetric Customer Master Keys (CMKs) | Critical | KMS | Keys |
| CSPM-AWS-2024-0167 | In every VPC, flow logging must be enabled | Critical | VPC | FlowLog |
| CSPM-AWS-2024-0176 | API Gateway should be associated with a WAF Web ACL | Medium | APIGateway | Stages |
| CSPM-AWS-2024-0265 | Classic Load Balancer should span multiple Availability Zones | Medium | ELB | LoadBalancers |
| CSPM-AWS-2024-0368 | S3 general purpose buckets should be encrypted at rest with AWS KMS keys | Medium | S3 | Buckets |
| CSPM-AWS-2024-0376 | Secrets Manager secrets should have automatic rotation enabled | Medium | SecretsManager | Secret |
| CSPM-AWS-2024-0445 | Enable Encryption at Rest for Lambda Environment Variables using Customer Master Keys | High | Lambda | Function |
| CSPM-AWS-2024-0514 | Enable Termination Protection for CloudFormation Stacks | High | CloudFormation | Stack |
| CSPM-AWS-2024-0515 | AWS Config Global Resources Inclusion | High | ConfigService | ConfigurationRecorder |
| CSPM-AWS-2024-0559 | Ensure SSM Parameters are Encrypted | Medium | SSM | Parameters |
| CSPM-AWS-2024-0284 | EventBridge custom event buses should have a resource-based policy attached | Low | EventBridge | EventBus |
| CSPM-AWS-2024-0566 | Ensure Secrets Manager is Utilized | Medium | SecretsManager | Secret |
| CSPM-AWS-2024-0381 | SNS topics should be encrypted at-rest using AWS KMS | Medium | SNS | Topic |
| CSPM-AWS-2024-0476 | Unrestricted Security Group Egress Detected | Medium | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-01 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-02 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-03 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-04 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-05 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-06 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-07 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-08 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-09 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0033-10 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0034 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0034-01 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0034-02 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0035 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0036 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0037 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0038 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0040 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0041 | Security Group allows unrestricted access through: \”MySQL\” Well-Known Port and \”Oracle DB\” Well-Known Port | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0032 | All ICMP Traffic Permitted by EC2 Security Group | High | EC2 | SecurityGroups |
| CSPM-AWS-2024-0478 | Unrestricted RPC Access Detected | Medium | EC2 | SecurityGroups |
| CSPM-AWS-2024-0029 | EC2 Security Group Allows Access to All Ports | Critical | EC2 | SecurityGroup |
| CSPM-AWS-2024-0477 | Unrestricted Telnet Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0480 | Unrestricted FTP Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0481 | Unrestricted CIFS Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0483 | Unrestricted HTTP Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0484 | Unrestricted HTTPS Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0479 | Unrestricted NetBIOS Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0480 | Unrestricted FTP Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0481 | Unrestricted CIFS Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0483 | Unrestricted HTTP Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0484 | Unrestricted HTTPS Access Detected | Medium | EC2 | SecurityGroup |
| CSPM-AWS-2024-0178 | API Gateway routes should specify an authorization type | Medium | APIGateway | API Gateway Method |
| CSPM-AWS-2024-0311 | Neptune DB cluster snapshots should be encrypted at rest | Medium | Neptune | DBClusterSnapshot |
| CSPM-AWS-2024-0306 | Neptune DB clusters should be encrypted at rest | Medium | Neptune | DBClusterSnapshot |
| CSPM-AWS-2024-0176 | API Gateway should be associated with a WAF Web ACL | Medium | APIGateway | Stages |
| CSPA-AWS-2024-0055 | AWS Config should be enabled | Medium | Config | ConfigurationRecorder |
| CSPM-AWS-2024-0202 | AWS Config should be enabled | Medium | Config | ConfigurationRecorder |
