October 12, 2023, Conformity—Rules' Mapping Update for Compliance Standards
  • We've updated the rule mappings to be compliant with the System and Organization Controls 2 (SOC 2) Compliance and Standard Reports.
Rule Update
Azure
  • AppService-012: Enable FTPS-Only Access: Updated this rule to resolve a case-sensitivity issue and avoid false negatives.
AWS
The following rules won't generate checks for security groups that are shared from other accounts.
  • EC2-001: Security Group Port Range
  • EC2-002: Unrestricted SSH Access
  • EC2-003: Unrestricted RDP Access
  • EC2-004: Unrestricted Oracle Access
  • EC2-005: Unrestricted MySQL Access
  • EC2-006: Unrestricted PostgreSQL Access
  • EC2-007: Unrestricted DNS Access
  • EC2-008: Unrestricted MsSQL Access
  • EC2-012: Security Group Excessive Counts
  • EC2-013: Security Group Large Counts
  • EC2-014: Security Group Rules Counts
  • EC2-032: SecurityGroup RFC 1918
  • EC2-033: Unrestricted Security Group Egress
  • EC2-034: Unrestricted Security Group Ingress on Uncommon Ports
  • EC2-036: Security Group Naming Conventions
  • EC2-038: Unrestricted Telnet Access
  • EC2-039: Unrestricted SMTP Access
  • EC2-040: Unrestricted RPC Access
  • EC2-041: Unrestricted NetBIOS Access
  • EC2-042: Unrestricted FTP Access
  • EC2-043: Unrestricted CIFS Access
  • EC2-044: Unrestricted ICMP Access
  • EC2-045: Unrestricted MongoDB Access
  • EC2-059: Descriptions for Security Group Rules
  • EC2-061: Security Group Name Prefixed With 'launch-wizard'
  • EC2-063: Unrestricted Elasticsearch Access
  • EC2-064: Unrestricted HTTP Access
  • EC2-065: Unrestricted HTTPS Access
  • EC2-074: Check for Unrestricted Redis Access
  • EC2-075: Check for Unrestricted Memcached Access
  • RG-001: Tags
Shared security groups won't be considered by the following rules:
  • EC2-015: EC2 Instance Security Group Rules Counts
  • ELB-007: ELB Security Group