tenable · devang-gaur · Mar 9, 2021 · Jan 29, 2021 · Feb 2, 2021 · Feb 9, 2021
@@ -6,7 +6,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure Azure Application Gateway Web application firewall (WAF) is enabled",
-    "reference_id": "accurics.azure.NS.147",
-    "category": "Network Security",
+    "reference_id": "AC-AZ-IS-AG-M-0008",
+    "category": "Infrastructure Security",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure that admin user is disabled for Container Registry",
-    "reference_id": "accurics.azure.EKM.164",
-    "category": "Encryption and Key Management",
+    "reference_id": "AC-AZ-IA-CR-M-0010",
+    "category": "Identity and Access Management",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "HIGH",
     "description": "Ensure Container Registry has locks",
-    "reference_id": "accurics.azure.AKS.3",
-    "category": "Azure Container Services",
+    "reference_id": "AC-AZ-RE-CR-H-0011",
+    "category": "Resilience",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure that Cosmos DB Account has an associated tag",
-    "reference_id": "accurics.azure.CAM.162",
-    "category": "Cloud Assets Management",
+    "reference_id": "AC-AZ-CV-CA-M-0013",
+    "category": "Compliance Validation",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "HIGH",
     "description": "Ensure to filter source Ips for Cosmos DB Account",
-    "reference_id": "accurics.azure.NS.32",
-    "category": "Network Security",
+    "reference_id": "AC-AZ-IS-CA-H-0012",
+    "category": "Infrastructure Security",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure the key vault is recoverable - enable \"Soft Delete\" setting for a Key Vault",
-    "reference_id": "accurics.azure.EKM.164",
-    "category": "Encryption and Key Management",
+    "reference_id": "AC-AZ-DP-KV-M-0026",
+    "category": "Data Protection",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "HIGH",
     "description": "Ensure that logging for Azure KeyVault is 'Enabled'",
-    "reference_id": "accurics.azure.EKM.20",
-    "category": "Encryption and Key Management",
+    "reference_id": "AC-AZ-LM-KV-H-0027",
+    "category": "Logging and Monitoring",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "HIGH",
     "description": "Ensure that the expiration date is set on all keys",
-    "reference_id": "accurics.azure.EKM.25",
-    "category": "Key Management",
+    "reference_id": "AC-AZ-DP-KK-H-0032",
+    "category": "Data Protection",
     "version": 2
 }
@@ -6,7 +6,7 @@
     },
     "severity": "HIGH",
     "description": "Ensure that the expiration date is set on all secrets",
-    "reference_id": "accurics.azure.EKM.26",
-    "category": "Key Management",
+    "reference_id": "AC-AZ-DP-VS-H-0033",
+    "category": "Data Protection",
     "version": 2
 }
@@ -4,7 +4,7 @@
     "template_args": null,
     "severity": "MEDIUM",
     "description": "Ensure Kube Dashboard is disabled",
-    "reference_id": "accurics.azure.NS.383",
-    "category": "Network Security",
+    "reference_id": "AC-AZ-IS-KC-M-0037",
+    "category": "Infrastructure Security",
     "version": 1
 }
@@ -4,7 +4,7 @@
     "template_args": null,
     "severity": "MEDIUM",
     "description": "Ensure AKS cluster has Network Policy configured.",
-    "reference_id": "accurics.azure.NS.382",
-    "category": "Network Security",
+    "reference_id": "AC-AZ-IS-KC-M-0038",
+    "category": "Infrastructure Security",
     "version": 1
 }
@@ -6,7 +6,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure that 'OS disk' are encrypted",
-    "reference_id": "accurics.azure.EKM.156",
-    "category": "Encryption and Key Management",
+    "reference_id": "AC-AZ-DP-MD-M-0050",
+    "category": "Data Protection",
     "version": 2
 }
@@ -7,7 +7,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure that 'Auditing' is set to 'On' for MSSQL servers",
-    "reference_id": "accurics.azure.MON.355",
-    "category": "Monitoring",
+    "reference_id": "AC-AZ-LM-MS-M-0055",
+    "category": "Logging and Monitoring",
     "version": 1
 }
@@ -7,7 +7,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure that 'Auditing' Retention is 'greater than 90 days' for MSSQL servers.",
-    "reference_id": "accurics.azure.LOG.357",
-    "category": "Monitoring",
+    "reference_id": "AC-AZ-LM-MS-M-0056",
+    "category": "Logging and Monitoring",
     "version": 1
 }
@@ -4,7 +4,7 @@
     "template_args": null,
     "severity": "HIGH",
     "description": "Ensure 'Enforce SSL connection' is set to 'ENABLED' for MySQL Database Server.",
-    "reference_id": "accurics.azure.NS.361",
-    "category": "Network Security",
+    "reference_id": "AC-AZ-IS-MY-H-0061",
+    "category": "Infrastructure Security",
     "version": 1
 }
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort3020ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort3020ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 3020,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "CIFS / SMB (TCP:3020) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0069",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort7001ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort7001ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 7001,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "Cassandra (TCP:7001) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0072",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort61621ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort61621ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 61621,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "Cassandra OpsCenter (TCP:61621) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0075",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort53ExposedPublicEntireUdp",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort53ExposedPublicEntireUdp",
+    "numberOfHosts": 1,
+    "portNumber": 53,
+    "prefix": "reme_",
+    "protocol": "UDP"
+  },
+  "severity": "High",
+  "description": "DNS (UDP:53) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0078",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort9000ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort9000ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 9000,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "Hadoop Name Node (TCP:9000) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0081",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort8000ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort8000ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 8000,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": " Known internal web port (TCP:8000) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0084",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort8080ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort8080ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 8080,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": " Known internal web port (TCP:8080) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0087",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort636ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort636ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 636,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "LDAP SSL (TCP:636) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0090",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort1434ExposedPublicEntireUdp",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort1434ExposedPublicEntireUdp",
+    "numberOfHosts": 1,
+    "portNumber": 1434,
+    "prefix": "reme_",
+    "protocol": "UDP"
+  },
+  "severity": "High",
+  "description": "MSSQL Browser (UDP:1434) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0096",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort135ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort135ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 135,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "MSSQL Debugger (TCP:135) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0099",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort1433ExposedPublicEntire",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort1433ExposedPublicEntire",
+    "numberOfHosts": 1,
+    "portNumber": 1433,
+    "prefix": "reme_",
+    "protocol": "TCP"
+  },
+  "severity": "High",
+  "description": "MSSQL Server (TCP:1433) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0102",
+  "category": "Infrastructure Security",
+  "version": 2
+}
@@ -0,0 +1,18 @@
+{
+  "name": "reme_networkPort11214ExposedPublicEntireUdp",
+  "file": "networkPortExposedPublic.rego",
+  "template_args": {
+    "endLimit": 0,
+    "evalHosts": true,
+    "name": "networkPort11214ExposedPublicEntireUdp",
+    "numberOfHosts": 1,
+    "portNumber": 11214,
+    "prefix": "reme_",
+    "protocol": "UDP"
+  },
+  "severity": "High",
+  "description": "Memcached SSL (UDP:11214) is exposed to entire Public network",
+  "reference_id": "AC-AZ-IS-NS-H-0111",
+  "category": "Infrastructure Security",
+  "version": 2
+}