Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

Open
rakshb opened this issue Jun 9, 2023 · 0 comments
Open

Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

rakshb opened this issue Jun 9, 2023 · 0 comments
Labels
enhancement New feature or request

Comments

@rakshb
Copy link

rakshb commented Jun 9, 2023
edited
Loading

  1. | EC2.8 | Amazon EC2 instances should use Instance Metadata Service Version 2 (IMDSv2) | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  2. | S3.11 | S3 buckets should have event notifications enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  3. | SecretsManager.4 | Secrets Manager secrets should be rotated within a specified number of days | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  4. | SSM.1 | Amazon EC2 instances should be managed by AWS Systems Manager | Applicable standards: AWS Foundational Security Best Practices v1.0.0, PCI DSS v3.2.1, NIST SP 800-53 Rev. 5
  5. | S3.9 | S3 bucket server access logging should be enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  6. | IAM.3 | IAM users' access keys should be rotated every 90 days or less | Applicable standards: CIS AWS Foundations Benchmark v1.2.0, AWS Foundational Security Best Practices v1.0.0, CIS AWS Foundations Benchmark v1.4.0, NIST SP 800-53 Rev. 5
  7. | S3.13 | S3 buckets should have lifecycle policies configured | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  8. | CodeBuild.5 | CodeBuild project environments should not have privileged mode enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  9. | EC2.17 | Amazon EC2 instances should not use multiple ENIs | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  10. | EC2.18 | Security groups should only allow unrestricted incoming traffic for authorized ports | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  11. | EC2.3 | Attached Amazon EBS volumes should be encrypted at-rest | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  12. | SecretsManager.1 | Secrets Manager secrets should have automatic rotation enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  13. | SSM.4 | SSM documents should not be public | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
  14. | CloudFront.1 | CloudFront distributions should have a default root object configured | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
@morjoan morjoan added the enhancement New feature or request label Jun 14, 2023
@rakshb rakshb mentioned this issue Jun 26, 2023
Closed
@rakshb rakshb changed the title Support remediations for NIST 800-53 standard Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards Aug 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@morjoan @rakshb