2021-07-15 New CSPM Plugin Release
On July 15th, 2021, Aqua will release and activate the following new plugins. They can be tested ahead of time using the "Live Run" tool and optionally suppressed if required. If you have selected the "Suppress All New Plugins" option from the "Account Settings" page, then no action is required and they will be pre-suppressed in your account prior to release.
ELB SSL Termination
Ensure that Load Balancers has SSL certificate configured for SSL terminations.
App Service Certificates Expiry
Detect upcoming expiration of App Service Certificates.
Azure Monitor Logs Enabled
Ensure that Azure Monitor Logs are enabled for all logging categories and being archived in a Storage Account.
Redis Cache Minimum TLS Version
Ensures that Azure Cache for Redis is using the latest TLS version.
Redis Cache SSL Access Only Enabled
Ensures that SSL Access Only feature is enabled for Azure Redis Caches.
Monitor External Accounts with Write Permissions
Ensures that External Accounts with Write Permissions are being Monitored in Security Center.
Monitor IP Forwarding
Ensures that Virtual Machine IP Forwarding Monitoring is enabled in Security Center.
Monitor Next Generation Firewall
Ensures that Next Generation Firewall (NGFW) Monitoring is enabled in Security Center.
Monitor Total Number of Subscription Owners
Ensures that Total Number of Subscription Owners is being Monitored in Security Center
*In this release, we are refactoring resource ID's for GCP plugins for all customers. This may cause unexpected alerts and resource suppressions will need to be updated.*
Dataset All Users Policy
Ensure that BigQuery datasets do not allow public read, write or delete access.
Instance Default Service Account
Ensures that compute instances are not configured to use the default service account.
VM Instance Deletion Protection
Ensure that Virtual Machine instances have deletion protection enabled.
Instance Public Access Disabled
Ensures that compute instances are not configured to allow public access.
Shielded VM Enabled
Ensures that instances are configured with the shielded VM enabled
Key Protection Level
Ensure that cryptographic keys have protection level equal to or above desired protection level.
Topic Encryption Enabled
Ensure that Google Pub/Sub topics are encrypted with desired encryption level.
MySQL Slow Query Log Enabled
Ensures that MySQL instances have slow query log flag enabled.
PostgreSQL Max Connections
Ensure that max_connections is configured with optimal value for PostgreSQL instances.
SSL Certificate Rotation
Ensure that server certificates configured for Cloud SQL are rotated before they expire.
Storage Auto Increase Enabled
Ensure that Cloud SQL DB instances have Automatic Storage Increase feature enabled and desired limit is set for storage increases.
VPC DNS Logging Enabled
Ensure that All VPC Network has DNS logging enabled.
Did you find it helpful? Yes NoSend feedback