fix(severity): update severities for Security Hub, GuardDuty and NACL related checks (#1775)

Sergio Garcia
2023-01-25 15:03:43 +01:00
committed by GitHub
parent 34eb9cc063
commit ba5e0f145f
5 changed files with 5 additions and 5 deletions


@@ -10,7 +10,7 @@
"ServiceName": "ec2",
"SubServiceName": "networkacl",
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
"Severity": "high",
"Severity": "medium",
"ResourceType": "AwsEc2NetworkAcl",
"Description": "Ensure no Network ACLs allow ingress from 0.0.0.0/0 to any port.",
"Risk": "Even having a perimeter firewall, having network acls open allows any user or malware with vpc access to scan for well known and sensitive ports and gain access to instance.",


@@ -8,7 +8,7 @@
"ServiceName": "ec2",
"SubServiceName": "networkacl",
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
"Severity": "high",
"Severity": "medium",
"ResourceType": "AwsEc2NetworkAcl",
"Description": "Ensure no Network ACLs allow ingress from 0.0.0.0/0 to SSH port 22",
"Risk": "Even having a perimeter firewall, having network acls open allows any user or malware with vpc access to scan for well known and sensitive ports and gain access to instance.",


@@ -8,7 +8,7 @@
"ServiceName": "ec2",
"SubServiceName": "networkacl",
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
"Severity": "high",
"Severity": "medium",
"ResourceType": "AwsEc2NetworkAcl",
"Description": "Ensure no Network ACLs allow ingress from 0.0.0.0/0 to Microsoft RDP port 3389",
"Risk": "Even having a perimeter firewall, having network acls open allows any user or malware with vpc access to scan for well known and sensitive ports and gain access to instance.",


@@ -6,7 +6,7 @@
"ServiceName": "guardduty",
"SubServiceName": "",
"ResourceIdTemplate": "arn:aws:sagemaker:region:account-id",
"Severity": "high",
"Severity": "medium",
"ResourceType": "AwsGuardDutyDetector",
"Description": "Check if GuardDuty is enabled",
"Risk": "Amazon GuardDuty is a continuous security monitoring service that analyzes and processes several datasources.",


@@ -8,7 +8,7 @@
"ServiceName": "securityhub",
"SubServiceName": "",
"ResourceIdTemplate": "arn:partition:securityhub:region:account-id:hub/hub-id",
"Severity": "high",
"Severity": "medium",
"ResourceType": "AwsSecurityHubHub",
"Description": "Check if Security Hub is enabled and its standard subscriptions.",
"Risk": "AWS Security Hub gives you a comprehensive view of your security alerts and security posture across your AWS accounts.",