The HIPAA Security Rule ensures patients and their Protected Health Information (ePHI) are protected, as well as healthcare facilities and health insurance providers.
To read more about HIPAA security rule, please visit HIPAA home page .
HIPAA non-compliance issues (214)
Severity | Non-Compliance | Region | Resource | Issue | Remediation | Read more | Action | |
---|---|---|---|---|---|---|---|---|
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | vol-004919a0d32e05d34 | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | vol-074257a397fadc9ec | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-1 | sg-0be4454dc243daa89 | Default security group with 2 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-1 | sg-0cf4e19eb2fc096da | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-1 | sg-0f1857e87433d40ce | Default security group with 2 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-2 | sg-0350acc1c67617b6d | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-2 | sg-071bb37c316ae7808 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-2 | sg-0a8cef89f1e98930c | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-2 | sg-0cbbda7c | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-east-2 | sg-0fa59556ef2020a9e | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-west-1 | sg-f46b0b82 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | vol-05830c14eadc21ea2 | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | vol-06d98619c32de5968 | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | vol-0ee3ff4a2100dc2f3 | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | vol-0dbacadab7b315e80 | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Medium | CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | vol-0987ccd97176d01ee | No EBS encryption found. | Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-west-2 | sg-08a4e95779202da87 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-west-2 | sg-0d2059d6f62212dde | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-west-2 | sg-0d21142c1e8c610f7 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | us-west-2 | sg-b7f7f595 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | ap-south-1 | sg-3d5f1d44 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | ap-northeast-2 | sg-34ef8e4c | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | ap-southeast-1 | sg-7ffd8e36 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | ap-southeast-2 | sg-a4bacfef | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | ap-northeast-1 | sg-68a91027 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | ca-central-1 | sg-19392c7e | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | eu-central-1 | sg-577d7728 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | eu-west-1 | sg-d77d858c | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | eu-west-2 | sg-dc55b6a4 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | eu-west-3 | sg-48a3d32a | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | eu-north-1 | sg-3e01de5d | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
EC2 | Low | CIS 5.4 PCI DSS (Networking) HIPAA (Networking) | sa-east-1 | sg-07b33375 | Default security group with 1 inbound and 1 outbound rules. | Review inbound and outbound rules for any default security group. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-east-1 | vpc-07f3b77c454b3c310 | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-east-1 | vpc-071a12f8ec7613303 | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-east-1 | vpc-073764f023b9a5efc | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-east-2 | vpc-02585025ab31219f8 | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-east-2 | vpc-0d6a54312c6027726 | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-east-2 | vpc-0c15019aee6c8423e | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-west-1 | vpc-72ea2314 | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-west-2 | vpc-033848556cef01aca | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-west-2 | vpc-0ed42ee2ea7505377 | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
VPC | Medium | CIS 3.9 PCI DSS 10.2 HIPAA (Audit) | us-west-2 | vpc-05461e6842795a02d | VPC Flow Logs are disabled. | Ensure VPC flow logging is enabled in all VPCs. | More info | |
S3 | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | cf-templates-lqa4fy3xqyy2-us-west-2 | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
S3 | Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | cf-templates-lqa4fy3xqyy2-us-west-2 | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info | |
S3 | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | elasticbeanstalk-us-east-1-531239714189 | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
S3 | Medium | CIS 2.1.1 PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | elasticbeanstalk-us-east-1-531239714189 | Amazon S3 bucket server-side encryption is disabled. | Enable server-side encryption for S3 buckets to protect your data. | More info | |
S3 | Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | elasticbeanstalk-us-east-1-531239714189 | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info | |
S3 | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-collector | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
S3 | Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | test-collector | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info | |
S3 | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-resources | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
S3 | Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | test-resources | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info | |
S3 | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-scanner | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
S3 | Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | test-scanner | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info | |
S3 | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-update | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
S3 | Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | test-update | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info | |
RDS | Critical | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | database-1-final-snapshot | RDS DB snapshot has no encryption. | To ensure the data is encrypted at rest, copy the non-encrypted snapshot into a new one. Select Enable Encryption option to make sure the copy is encrypted. | More info | |
RDS | Critical | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | test | RDS DB snapshot has no encryption. | To ensure the data is encrypted at rest, copy the non-encrypted snapshot into a new one. Select Enable Encryption option to make sure the copy is encrypted. | More info | |
Simple Email Service | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | inbox-rule | SES ruleset does not encrypt your emails before saving them to the Amazon S3 bucket | Edit the rule and enable email encryption for the S3 action. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | my-k8s-cluster | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-cluster | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | scan-my-fargatecluster | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | rony-slim-and-mean | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | ronyfargatefeb3rd531 | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | rony-fargate-west2 | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | rony-west2test-cluster | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | test-fargate-west2 | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
EKS | Low | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | my-new-cluster | Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. | Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-east-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-east-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-east-2 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-east-2 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-west-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-west-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-west-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-west-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-west-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-west-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-west-2 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | us-west-2 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | us-west-2 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-south-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-south-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-south-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-south-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-south-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-south-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-2 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-2 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-northeast-2 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-2 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-2 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-northeast-2 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-southeast-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-southeast-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-southeast-2 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-northeast-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ap-northeast-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ap-northeast-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ca-central-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ca-central-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ca-central-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | ca-central-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | ca-central-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | ca-central-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-central-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-central-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-central-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-central-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-central-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-central-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-west-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-west-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-west-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-west-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-west-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-west-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-west-2 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-west-2 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-west-2 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-west-2 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-west-2 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-west-2 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-west-3 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-west-3 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-west-3 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-west-3 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-west-3 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-west-3 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-north-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-north-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-north-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | eu-north-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | eu-north-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | eu-north-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | sa-east-1 | my-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | sa-east-1 | my-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | sa-east-1 | my-trail | S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudTrail | Critical | PCI DSS 10.2 HIPAA (Audit) | sa-east-1 | test-trail | CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". | Check out your CloudTrail configuration to make sure the logs are being delivered. | More info | |
CloudTrail | Informational | PCI DSS 10.2 HIPAA (Audit) | sa-east-1 | test-trail | Logging data events for trails is disabled. | Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. | More info | |
CloudTrail | Low | CIS 3.6 PCI DSS 10.2 HIPAA (Audit) | sa-east-1 | test-trail | S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | /aws/lambda/test-collector:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | /aws/lambda/test-responder:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | /aws/lambda/test-scanner:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | /aws/lambda/test-scheduler:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /aws/codebuild/InlineSecureScanning:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /aws/eks/beautiful-outfit-1611727262/cluster:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /aws/lambda/HelloWorldFunction:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /aws/lambda/Sophos-Optix-flowlogs-fn:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /aws/transfer/s-4ab6146e87334a43a:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /ecs/console-sample-app-static:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | /ecs/first-run-task-definition:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-1 | /aws/lambda/Sophos-Optix-flowlogs-fn:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-1 | /aws/lambda/test:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | /aws/lambda/Sophos-Optix-cloudtrail-fn:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | /aws/lambda/Sophos-Optix-flowlogs-fn:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | /aws/lambda/SophosOptixRegionalResourcesLambda:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | /aws/lambda/my-function:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | /aws/transfer/s-3d3e19784f014b1a9:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | aws-cloudtrail-logs-531239714189-58a7e086:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | aws-cloudtrail-logs-531239714189-f6d6a35f:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
CloudWatch | Medium | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | my-trail:* | Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. | For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-2 | dynamodb | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | us-west-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | us-west-2 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | ap-south-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | ap-northeast-2 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | ap-southeast-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | ap-southeast-2 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | ap-northeast-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | ca-central-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | eu-central-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | eu-west-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | eu-west-2 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | eu-west-3 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | eu-north-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
SNS | High | PCI DSS 3.5 HIPAA (Encryption) | sa-east-1 | Sophos-Optix-flowlogs-s3-sns-topic | SNS topic is not encrypted | For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. | More info | |
CloudFront | High | PCI DSS 4.2 HIPAA (Encryption) | us-east-1 | EABCW25ZCESFI | CloudFront distribution is not configured to enforce encryption (using HTTPS) for data in transit. | HIPAA compliance requires all data to be transmitted over secure channels. Edit distribution's behaviour and set its viewer protocol policy to "HTTPS Only". | More info | |
CloudFront | High | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | EABCW25ZCESFI | CloudFront distribution is not configured to save access logs to an Amazon S3 bucket. | Enable distribution's access logs to comply with HIPAA (requires access logging for auditing purposes) and PCI DSS (Requirement 10: track and monitor all access to network resources and cardholder data). | More info | |
CloudFront | Critical | PCI DSS 4.2 PCI DSS (Old Protocols) HIPAA (Encryption) | us-east-1 | EABCW25ZCESFI | CloudFront distribution uses insecure default CloudFront protocol TLSv1. | To comply with PSI DSS (requires not to use SSLv2, SSLv3, TLS 1.0), create and import a custom SSL Certificate. Next, select the recommended security policy for CloudFront to use for HTTPS connections. | More info | |
CloudFront | Medium | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | EABCW25ZCESFI | CloudFront distribution uses an S3 bucket as origin without an origin access identity, allowing direct access to your objects through Amazon S3 URLs. | Restrict bucket access in the origin settings so that users were able to access your S3 content using CloudFront URLs, not Amazon S3 URLs. This is required to comply with HIPAA privacy rule, enabling audit for all access to PHI. | More info | |
EMR | Medium | PCI DSS 10.2 HIPAA (Audit) | us-east-1 | j-2XLTZN5X5X0UT | EMR cluster has no logging enabled to the Amazon S3 location. | Configure the cluster to periodically archive the log files stored on the master node to Amazon S3. If the cluster terminates, the logs will reveal if this is through normal shut down or due to an error. | More info | |
SageMaker | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | my-motebook-instance | SageMaker notebook data is not encrypted. | To help protect data at rest, ensure encryption with AWS Key Management Service (AWS KMS) is enabled for your SageMaker notebook. | More info | |
Athena | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | test-workgroup | Athena workgroup uses no encryption at rest. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, enable encryption at rest for the Athena workgroup. | More info | |
API Gateway | High | PCI DSS 10.2 HIPAA (Audit) | us-east-2 | s87eelcsz6 | API Gateway has neither ERROR nor INFO level of logging enabled in the stage: "dev". | Enable either ERROR or INFO level of logging in the stage's settings. | More info | |
Kinesis | Critical | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | stream3 | S3 server-side encryption for the Firehose delivery stream is disabled. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure the data delivered in S3 bucket is encrypted with a KMS customer-managed key. | More info | |
SQS | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | test-execution-queue-collector | SQS queue is not encrypted. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, enable encryption with KMS for all SQS queues. | More info | |
SQS | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | test-queue.fifo | SQS queue is not encrypted. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, enable encryption with KMS for all SQS queues. | More info | |
Comprehend | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | d82797322f0833a4b7811a1d178fca1f | Output result encryption for your Comprehend analysis job "my-job2" is disabled. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your output data is encrypted with a KMS customer-managed key (CMK). | More info | |
Comprehend | High | PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | d82797322f0833a4b7811a1d178fca1f | Comprehend analysis job "my-job2" has encryption for the data in the storage volume is disabled. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your data in the storage volume is encrypted with a KMS customer-managed key (CMK). | More info | |
Elastic File System | Critical | CIS 2.4.1 PCI DSS 3.5 HIPAA (Encryption) | us-east-1 | fs-34d4d281 | EFS file system is not encrypted. | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest and in transit, make sure your file system is encrypted with a KMS customer-managed key (CMK). | More info |