Archives

Risk Rating: High

Access to High privileged VMs

Control reports that provide visibility to users who have access to critical, high-privileged VMs. It is recommended to monitor the access to high privileged VMs...

American Express-Sensitive Files

The control reports list all of the files related to American Express Credit Card sensitive content.  All American Express documents are considered as High Risk...

Application Gateway with Logging Disabled

Detects Application Gateways with Diagnostic logging disabled.  Diagnostic logging provides insight into operations resources performed.  Logs help you troubleshoot past problems or prevent potential ones.

Application Gateway with WAF Disabled.

Detects Application Gateways with WAF disabled.  It is recommended to utilize the Web Application Firewall (WAF) provided with Application Gateway to safeguard the application tier...

Application gateways not in WAF tier

Detects application gateways not in WAF tier.  A centralized web application firewall (WAF) helps make security management straight forward and gives better assurance to application...

Basis Utilities & Configuration

A developer could modify program components (menus, screen layout, messages, queries) and configure the production environment to limit monitoring of the program runs using the...

Box – PCI Sensitive Files

The control reports list of all the file Attachments with PCI related sensitive content.  PCI is an information security standard for organizations that handle branded...

Box – PII Sensitive Files

The control reports lists all file Attachments with PII related sensitive content.  PII is an information security standard for organizations that handle personally identifying information. ...

Brute force attack on the app/DB

The organization monitors unsuccessful login attempts and escalates priority in the event unsuccessful logins may be due to brute force attack. Typically these reports are...