Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

rakshb · 2023-06-09T15:58:23Z

| EC2.8 | Amazon EC2 instances should use Instance Metadata Service Version 2 (IMDSv2) | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| S3.11 | S3 buckets should have event notifications enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| SecretsManager.4 | Secrets Manager secrets should be rotated within a specified number of days | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| SSM.1 | Amazon EC2 instances should be managed by AWS Systems Manager | Applicable standards: AWS Foundational Security Best Practices v1.0.0, PCI DSS v3.2.1, NIST SP 800-53 Rev. 5
| S3.9 | S3 bucket server access logging should be enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| IAM.3 | IAM users' access keys should be rotated every 90 days or less | Applicable standards: CIS AWS Foundations Benchmark v1.2.0, AWS Foundational Security Best Practices v1.0.0, CIS AWS Foundations Benchmark v1.4.0, NIST SP 800-53 Rev. 5
| S3.13 | S3 buckets should have lifecycle policies configured | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| CodeBuild.5 | CodeBuild project environments should not have privileged mode enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| EC2.17 | Amazon EC2 instances should not use multiple ENIs | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| EC2.18 | Security groups should only allow unrestricted incoming traffic for authorized ports | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| EC2.3 | Attached Amazon EBS volumes should be encrypted at-rest | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| SecretsManager.1 | Secrets Manager secrets should have automatic rotation enabled | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| SSM.4 | SSM documents should not be public | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5
| CloudFront.1 | CloudFront distributions should have a default root object configured | Applicable standards: AWS Foundational Security Best Practices v1.0.0, NIST SP 800-53 Rev. 5

rakshb created this issue from a note in automated-security-response-on-aws (Researching) Jun 9, 2023

morjoan added the enhancement New feature or request label Jun 14, 2023

rakshb mentioned this issue Jun 26, 2023

NIST80053 Security Standard #151

Closed

rakshb moved this from Researching to In Development in automated-security-response-on-aws Aug 15, 2023

rakshb changed the title ~~Support remediations for NIST 800-53 standard~~ Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards Aug 15, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

rakshb commented Jun 9, 2023 •

edited

Loading

Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

Addition of remediation runbooks that map to AFSBP, NIST SP 800-53 Rev. 5, PCI-DSS, CIS V1.2.0 and CIS V1.4.0 standards #169

Comments

rakshb commented Jun 9, 2023 • edited Loading

rakshb commented Jun 9, 2023 •

edited

Loading