aws_compliance

To help protect data in transit, ensure that your Application Load Balancer automatically redirects unencrypted HTTP requests to HTTPS.

elb_application_lb_redirect_http_request_to_https

pci_dss_v40_requirement_1_2_5

1.2.5: All services, protocols, and ports allowed are identified, approved, and have a defined business need

gxp_21_cfr_part_11_11_30

11.30 Controls for open systems

hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_b

164.308(a)(1)(ii)(B) Risk management

hipaa_security_rule_2003_164_308_a_1_ii_b

hipaa_final_omnibus_security_rule_2013_164_308_a_4_ii_a

164.308(a)(4)(ii)(A) Isolating healthcare clearing house functions

hipaa_security_rule_2003_164_308_a_4_ii_a

hipaa_final_omnibus_security_rule_2013_164_312_a_2_iv

164.312(a)(2)(iv) Encryption and decryption

hipaa_final_omnibus_security_rule_2013_164_312_e_1

164.312(e)(1) Transmission security

hipaa_security_rule_2003_164_312_e_1

hipaa_final_omnibus_security_rule_2013_164_312_e_2_i

164.312(e)(2)(i) Integrity controls

hipaa_security_rule_2003_164_312_e_2_i

hipaa_final_omnibus_security_rule_2013_164_312_e_2_ii

164.312(e)(2)(ii) Encryption

pci_dss_v40_requirement_2_2_5

2.2.5: System components cannot be compromised by exploiting insecure services, protocols, or daemons

pci_dss_v40_requirement_2_2_7

2.2.7: All non-console administrative access is encrypted using strong cryptography

pci_dss_v321_requirement_2_3

2.3 Encrypt all non-console administrative access using strong cryptography

nist_800_171_rev_2_3_1_13

3.1.13 Employ cryptographic mechanisms to protect the confidentiality of remote access sessions

nist_800_172_3_1_3_e

3.1.3e Employ [Assignment: organization-defined secure information transfer solutions] to control information flows between security domains on connected systems

rbi_itf_nbfc_3_1_i

3.1.i Public Key Infrastructure (PKI)

nist_800_171_rev_2_3_13_1

3.13.1 Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems

nist_800_171_rev_2_3_13_11

3.13.11 Employ FIPS-validated cryptography when used to protect the confidentiality of CUI

nist_800_171_rev_2_3_13_15

3.13.15 Protect the authenticity of communications sessions

nist_800_171_rev_2_3_13_5

3.13.5 Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks

nist_800_171_rev_2_3_13_8

3.13.8 Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards

pci_dss_v321_requirement_4_1

4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks

pci_dss_v321_requirement_4_1_a

4.1.a Identify all locations where cardholder data is transmitted or received over open, public networks

pci_dss_v321_requirement_4_1_g

4.1.g For TLS implementations, examine system configurations to verify that TLS is enabled whenever cardholder data is transmitted or received

pci_dss_v40_requirement_4_2_1_1

4.2.1.1: An inventory of the entity's trusted keys and certificates used to protect PAN during transmission is maintained

pci_dss_v40_requirement_4_2_1

4.2.1: Strong cryptography and security protocols are implemented as follows to safeguard PAN during transmission

nydfs_23_500_02_a

500.02(a)

nydfs_23_500_15_a

500.15(a)

pci_dss_v321_requirement_8_2_1

8.2.1 Using strong cryptography, render all authentication credentials (such as passwords/phrases) unreadable during transmission and storage on all system components

pci_dss_v321_requirement_8_2_1_a

8.2.1.a Examine vendor documentation and system configuration settings to verify that passwords are protected with strong cryptography during transmission and storage

pci_dss_v40_requirement_8_3_2

8.3.2: Strong cryptography is used to render all authentication factors unreadable during transmission and storage on all system components

nist_800_53_rev_5_ac_17_2

AC-17(2) Protection Of Confidentiality And Integrity Using Encryption

nist_800_53_rev_4_ac_17_2

AC-17(2) Protection Of Confidentiality/Integrity Using Encryption

fedramp_moderate_rev_4_ac_17_2

nist_800_53_rev_5_ac_24_1

AC-24(1)

nist_800_53_rev_5_ac_4_22

AC-4(22) Access Only

nist_800_53_rev_5_au_9_3

AU-9(3) Cryptographic Protection

rbi_cyber_security_annex_i_1_3

Annex I (1.3)

article_32

Article 32 Security of processing

fedramp_moderate_rev_4_sc_7

Boundary Protection (SC-7)

nist_800_53_rev_4_sc_7

fedramp_low_rev_4_sc_7

nist_800_53_rev_5_ca_9_b

CA-9(b)

soc_2_cc_6_1

CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives

soc_2_cc_6_2

CC6.2 Prior to issuing system credentials and granting system access, the entity registers and authorizes new internal and external users whose access is administered by the entity

soc_2_cc_6_7

CC6.7 The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity’s objectives

ffiec_d_3_pc_am_b_12

D3.PC.Am.B.12

ffiec_d_3_pc_am_b_13

D3.PC.Am.B.13

ffiec_d_3_pc_am_b_15

D3.PC.Am.B.15

all_controls_elb

nist_800_53_rev_5_ia_5_1_c

IA-5(1)(c)

nist_800_53_rev_5_ac_4

Information Flow Enforcement (AC-4)

nist_800_53_rev_5_pm_17_b

PM-17(b)

nist_csf_pr_ds_2

PR.DS-2

fedramp_low_rev_4_ac_17

Remote Access (AC-17)

nist_800_53_rev_5_sc_13_a

SC-13(a)

nist_800_53_rev_5_sc_7_4_b

SC-7(4)(b)

nist_800_53_rev_5_sc_7_4_g

SC-7(4)(g)

nist_800_53_rev_4_sc_8_1

SC-8(1) Cryptographic Or Alternate Physical Protection

fedramp_moderate_rev_4_sc_8_1

nist_800_53_rev_5_sc_8_1

SC-8(1) Cryptographic Protection

nist_800_53_rev_5_sc_8_2

SC-8(2) Pre- And Post-Transmission Handling

nist_800_53_rev_5_sc_8_3

SC-8(3) Cryptographic Protection For Message Externals

nist_800_53_rev_5_sc_8_4

SC-8(4) Conceal Or Ramdomize Communications

nist_800_53_rev_5_sc_8_5

SC-8(5) Protected Distribution System

nist_800_53_rev_5_si_1_a_2

SI-1(a)(2)

nist_800_53_rev_5_si_1_c_2

SI-1(c)(2)

nist_800_53_rev_4_sc_23

Session Authenticity (SC-23)

fedramp_moderate_rev_4_sc_23

nist_800_53_rev_5_sc_23

nist_800_53_rev_4_sc_8

Transmission Confidentiality And Integrity (SC-8)

nist_800_53_rev_5_sc_8

fedramp_moderate_rev_4_sc_8

Transmission Integrity (SC-8)

cisa_cyber_essentials_your_data_2

Your Data-2

cisa_cyber_essentials_your_systems_3

Your Systems-3

ELB application load balancers should redirect HTTP requests to HTTPS

foundational_security_elb_1

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

Control: ELB application load balancers should redirect HTTP requests to HTTPS

Description

Usage

SQL

Tags