From 138ece153e96fe70a0d758f5b6b77a37443e9177 Mon Sep 17 00:00:00 2001 From: Toni de la Fuente Date: Fri, 5 Feb 2021 08:38:12 +0100 Subject: [PATCH] Adjusted severity to secrets and Shodan checks --- checks/check_extra7102 | 2 +- checks/check_extra741 | 2 +- checks/check_extra742 | 2 +- checks/check_extra759 | 2 +- checks/check_extra760 | 2 +- checks/check_extra768 | 2 +- checks/check_extra775 | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/checks/check_extra7102 b/checks/check_extra7102 index 8f1cb17a..3be4629e 100644 --- a/checks/check_extra7102 +++ b/checks/check_extra7102 @@ -14,7 +14,7 @@ CHECK_ID_extra7102="7.102" CHECK_TITLE_extra7102="[extra7102] Check if any of the Elastic or Public IP are in Shodan (requires Shodan API KEY)" CHECK_SCORED_extra7102="NOT_SCORED" CHECK_TYPE_extra7102="EXTRA" -CHECK_SEVERITY_extra7102="Medium" +CHECK_SEVERITY_extra7102="High" CHECK_ASFF_RESOURCE_TYPE_extra7102="AwsEc2Eip" CHECK_ALTERNATE_check7102="extra7102" CHECK_SERVICENAME_extra7102="ec2" diff --git a/checks/check_extra741 b/checks/check_extra741 index 7643e512..d0501ce9 100644 --- a/checks/check_extra741 +++ b/checks/check_extra741 @@ -14,7 +14,7 @@ CHECK_ID_extra741="7.41" CHECK_TITLE_extra741="[extra741] Find secrets in EC2 User Data (Not Scored) (Not part of CIS benchmark)" CHECK_SCORED_extra741="NOT_SCORED" CHECK_TYPE_extra741="EXTRA" -CHECK_SEVERITY_extra741="Medium" +CHECK_SEVERITY_extra741="Critical" CHECK_ASFF_RESOURCE_TYPE_extra741="AwsEc2Instance" CHECK_ALTERNATE_check741="extra741" CHECK_SERVICENAME_extra741="ec2" diff --git a/checks/check_extra742 b/checks/check_extra742 index 1aa2adda..957ef0c2 100644 --- a/checks/check_extra742 +++ b/checks/check_extra742 @@ -14,7 +14,7 @@ CHECK_ID_extra742="7.42" CHECK_TITLE_extra742="[extra742] Find secrets in CloudFormation outputs (Not Scored) (Not part of CIS benchmark)" CHECK_SCORED_extra742="NOT_SCORED" CHECK_TYPE_extra742="EXTRA" -CHECK_SEVERITY_extra742="Medium" +CHECK_SEVERITY_extra742="Critical" CHECK_ASFF_RESOURCE_TYPE_extra742="AwsCloudFormationStack" CHECK_ALTERNATE_check742="extra742" CHECK_SERVICENAME_extra742="cloudformation" diff --git a/checks/check_extra759 b/checks/check_extra759 index 4414712b..bf4d8052 100644 --- a/checks/check_extra759 +++ b/checks/check_extra759 @@ -14,7 +14,7 @@ CHECK_ID_extra759="7.59" CHECK_TITLE_extra759="[extra759] Find secrets in Lambda functions variables (Not Scored) (Not part of CIS benchmark)" CHECK_SCORED_extra759="NOT_SCORED" CHECK_TYPE_extra759="EXTRA" -CHECK_SEVERITY_extra759="High" +CHECK_SEVERITY_extra759="Critical" CHECK_ASFF_RESOURCE_TYPE_extra759="AwsLambdaFunction" CHECK_ALTERNATE_check759="extra759" CHECK_SERVICENAME_extra759="lambda" diff --git a/checks/check_extra760 b/checks/check_extra760 index 5a3b0ece..ba54aa89 100644 --- a/checks/check_extra760 +++ b/checks/check_extra760 @@ -14,7 +14,7 @@ CHECK_ID_extra760="7.60" CHECK_TITLE_extra760="[extra760] Find secrets in Lambda functions code (Not Scored) (Not part of CIS benchmark)" CHECK_SCORED_extra760="NOT_SCORED" CHECK_TYPE_extra760="EXTRA" -CHECK_SEVERITY_extra760="Medium" +CHECK_SEVERITY_extra760="Critical" CHECK_ASFF_RESOURCE_TYPE_extra760="AwsLambdaFunction" CHECK_ALTERNATE_check760="extra760" CHECK_SERVICENAME_extra760="lambda" diff --git a/checks/check_extra768 b/checks/check_extra768 index e82b98a5..25078fd8 100644 --- a/checks/check_extra768 +++ b/checks/check_extra768 @@ -14,7 +14,7 @@ CHECK_ID_extra768="7.68" CHECK_TITLE_extra768="[extra768] Find secrets in ECS task definitions variables (Not Scored) (Not part of CIS benchmark)" CHECK_SCORED_extra768="NOT_SCORED" CHECK_TYPE_extra768="EXTRA" -CHECK_SEVERITY_extra768="Medium" +CHECK_SEVERITY_extra768="Critical" CHECK_ASFF_RESOURCE_TYPE_extra768="AwsEcsTaskDefinition" CHECK_ALTERNATE_check768="extra768" CHECK_SERVICENAME_extra768="ecs" diff --git a/checks/check_extra775 b/checks/check_extra775 index 1cbefab0..5a60b320 100644 --- a/checks/check_extra775 +++ b/checks/check_extra775 @@ -14,7 +14,7 @@ CHECK_ID_extra775="7.75" CHECK_TITLE_extra775="[extra775] Find secrets in EC2 Auto Scaling Launch Configuration (Not Scored) (Not part of CIS benchmark)" CHECK_SCORED_extra775="NOT_SCORED" CHECK_TYPE_extra775="EXTRA" -CHECK_SEVERITY_extra775="Medium" +CHECK_SEVERITY_extra775="Critical" CHECK_ALTERNATE_check775="extra775" CHECK_SERVICENAME_extra775="autoscaling"