Using custom rules for resource tag and label enforcement
Every company uses tagging and resource labeling in their own way. Among other uses, mature labeling practices are a great way to identify resources t...
Ensure public buckets do not have a PII tag. (AWS / Azure / GCP)
Organizations have their own convention of tagging buckets containing PII objects. We can leverage Security Posture Management to create custom rules...
Ensure object ACLs can't be turned public inside private S3 buckets.
Inside an AWS private S3 bucket, a specific object can be made public by using any of the following steps: Update the object's access control list...
Custom Rules using Domain Specific Language
Build custom rules under Policies > Security Assessment using Domain Specific Language (DSL) for Security Assessment of AWS, Azure, and Google Cloud...
Ensure no security groups / firewall rules allow ingress from 0.0.0.0/0 to port [ ]
Security groups (AWS, Azure) and firewall rules provide stateful filtering of ingress/egress network traffic to Cloud Provider resources. The AWS rule...