Product
Security Violations
Asset Management
Compliance
Billing Intelligence
Pricing
Blog
Resources
About Tenacity
Blog
Cloud Risk Database
Compliance Library
Help
Integrations
All Resources
Sign In
Sign In
Cloud Risk Database
Cloud Risk Categories
All
SOC2
PCI
NIST CSF
NIST 800-53
NIST 800-171
ISO
HIPAA
GDPR
CISA
CIS-AWS
Azure
AWS
All
SOC2
PCI
NIST CSF
NIST 800-53
NIST 800-171
ISO
HIPAA
GDPR
CISA
CIS-AWS
Azure
AWS
VPC with Cross Account Connections
vpc-002
SQS Queue not Encrypted
sqs-003
SNS Delivery Status Logging Not Configured
sns-005
SNS Topic not Encrypted
sns-003
ElastiCache Replication Group Publicly Available for Any Source
security-group-037
Default Security Groups have Unrestricted Access
security-group-036
Security Groups Not in Use
security-group-035
Security Group RDP (3389) Port Open to Public
security-group-034
Security Group PostgreSQL (5432) Port Open to Public
security-group-033
Security Group MySQL (3306) Port Open to Public
security-group-032
Security Group Memcached (11211) UDP Port Open to Public
security-group-031
Security Group Kibana (5601) Port Open to Public
security-group-030
Security Group FTP (20) Port Open to Public
security-group-029
Security Group Redshift (5439) Port Open to Public
security-group-028
Security Group Oracle (1521) Port Open to Public
security-group-027
Security Group MongoDB (27017) Port Open to Public
security-group-026
Security Group FTP (21) Port Open to Public
security-group-025
EC2 Instance Telnet (23) Port Open to Public
security-group-024
EC2 Instance TCP (8080) Port Open to Public
security-group-023
EC2 Instance SQL (1433) Port Open to Public
security-group-022
EC2 Instance PostgreSQL (5432) Port Open to Public
security-group-021
EC2 Instance Oracle (1521) Port Open to Public
security-group-020
EC2 Instance MySQL (3306) Port Open to Public
security-group-019
EC2 Instance FTP (21) Port Open to Public
security-group-018
Security Group has Any Protocol Open
security-group-017
EC2 Instance Elasticsearch (9200/9300) Ports Open to Public
security-group-015
Security Group SQL (1433) Port Open to Public
security-group-014
EC2 Instance Redshift (5439) Port Open to Public
security-group-013
EC2 Instance MongoDB (27017) Port Open to Public
security-group-012
Security Group Telnet (23) Port Open to Public
security-group-010
Security Group TCP (8080) Port Open to Public
security-group-009
Security Group SSH (22) Port Open to Public
security-group-008
Security Group Elasticsearch (9200) Port Open to Public
security-group-007
EC2 Instance SSH (22) Port Open to Public
security-group-006
EC2 Instance RDP (3389) Port Open to Public
security-group-005
EC2 Instance Memcache UDP (11211) Port Open to Public
security-group-004
EC2 Instance Kibana (5601) Port Open to Public
security-group-003
EC2 Instance FTP (20) Port Open to Public
security-group-002
Security Groups with Host IP Addresses Defined
security-group-001
Secrets Manager Unrestricted Access
secrets-manager-002
Secrets Manager Automatic Rotation Disabled
secrets-manager-001
S3 Bucket is not Encrypted with a KMS Key
s3-030
S3 Bucket Versioning is not Enabled
s3-029
S3 RestrictPublicBuckets is not Enabled
s3-027
S3 Bucket BlockPublicPolicy is not Enabled
s3-025
S3 Bucket BlockPublicAcls is not Enabled
s3-024
S3 Bucket Policy ACL FULL_CONTROL Permission Granted to All Public Users
s3-022
S3 Bucket ACL FULL_CONTROL Permission Granted to All Authenticated Users
s3-021
S3 Bucket ACL WRITE Permission Granted to All Authenticated Users
s3-020
S3 Bucket ACL READ Permission Granted to All Authenticated Users
s3-019
S3 Bucket ACL WRITE_ACP Permission Granted to All Authenticated Users
s3-018
S3 Bucket ACL READ_ACP Permission Granted to All Authenticated Users
s3-017
S3 Bucket ACL FULL_CONTROL Permission Granted to All Authenticated Users
s3-016
S3 Bucket ACL WRITE Permission Granted to All
s3-015
S3 Bucket ACL WRITE_ACP Permission Granted to All
s3-014
S3 Bucket ACL READ Permission Granted to All
s3-013
S3 Bucket ACL READ_ACP Permission Granted to All
s3-012
S3 Bucket not Encrypted
s3-004
S3 Bucket Policy Restricts by IP Address
s3-002
Route53 Automatic Renewal Disabled
route53-005
Route53 Zone Query Logging Disabled
route53-001
API Gateway SSL Disabled
rest-stage-003
API Gateway Execution Logging Disabled
rest-stage-002
API Gateway Cache Not Encrypted
rest-stage-001
Redshift Cluster Audit Logging Not Enabled
redshift-005
Redshift Cluster Does not Require SSL
redshift-003
Redshift Snapshot Retention is Less Than 30 Days
redshift-001
RDS Instance Multi-AZ Support is Disabled
rds-014
RDS Logging is Disabled
rds-013
RDS Instance IAM Authentication Disabled
rds-012
RDS Instance Deletion Protection is not Enabled
rds-011
RDS Enhanced Monitoring Disabled
rds-010
RDS Cluster IAM Authentication Not Enabled
rds-009
RDS Cluster Deletion Protection not Enabled
rds-008
RDS Instance Snapshot not Encrypted
rds-007
RDS Cluster Snapshot not Encrypted
rds-005
RDS Backup Retention Period Less than 30 Days
rds-001
Lambda Function has Administrative Privileges
lambda-003
Lambda Function Encryption Not using Customer Managed CMK's
lambda-002
KMS CMK Scheduled for Deletion
kms-003
KMS Key Disabled
kms-002
New IAM Users with Access Key Less than 24 Hours
iam-user-016
IAM User is not in any Groups
iam-user-015
IAM users that have been granted privileges to create, manage, query or delete access keys without restriction
iam-user-014
IAM User or Group has MFA Permissions Privileges
iam-user-013
IAM User has S3 Object Lock Bypass Permissions
iam-user-012
IAM Users with IAM Policies Attached
iam-user-005
IAM User Access Keys Not Used in the Last 30 Days
iam-user-003
IAM Users Inactive
iam-user-002
IAM Role Has Inline Policy
iam-role-001
IAM Policy Not in Use
iam-policy-002
IAM Group Has Inline Policy
iam-group-002
IAM Groups Not in Use
iam-group-001
EMR Cluster Does not Have Kerberos Enabled
emr-001
Checks if Web Application Firewall (WAF) is enabled on Application Load Balancers (ALBs).
elbv2-015
Network ELB Listener TLS Disabled
elbv2-012
ELB Using Default Security Group
elbv2-011
ELB Not in Use
elbv2-009
ELB Cross-Zone Load Balancing Disabled
elbv2-008
ELB Delete Protection Disabled
elbv2-006
