aws_compliance

AWS Compliance

Ensure AWS WAF is enabled on Elastic Load Balancers (ELB) to help protect web applications.

elb_application_lb_waf_enabled

pci_dss_v321_requirement_1_1_4_c

1.1.4.c Observe network configurations to verify that a firewall is in place at each Internet connection and between any demilitarized zone (DMZ) and the internal network zone, per the documented configuration standards and network diagrams

rbi_itf_nbfc_3_1_g

3.1.g Incident Management

nist_800_171_rev_2_3_13_1

3.13.1 Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems

nist_800_171_rev_2_3_13_5

3.13.5 Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks

nist_800_171_rev_2_3_14_2

3.14.2 Provide protection from malicious code at designated locations within organizational systems

nist_800_171_rev_2_3_14_6

3.14.6 Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks

nydfs_23_500_02_b_2

500.02(b)(2)

pci_dss_v321_requirement_6_6

6.6 For public-facing web applications, ensure that either one of the requirements are in place

nist_800_53_rev_5_ac_4_21

AC-4(21) Physical Or Logical Separation Of Infomation Flows

rbi_cyber_security_annex_i_5_1

Annex I (5.1)

fedramp_moderate_rev_4_cm_2

Baseline Configuration (CM-2)

fedramp_low_rev_4_sc_7

Boundary Protection (SC-7)

nist_800_53_rev_4_sc_7

fedramp_moderate_rev_4_sc_7

soc_2_cc_6_1

CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives

soc_2_cc_6_2

CC6.2 Prior to issuing system credentials and granting system access, the entity registers and authorizes new internal and external users whose access is administered by the entity

soc_2_cc_6_6

CC6.6 The entity implements logical access security measures to protect against threats from sources outside its system boundaries

fedramp_low_rev_4_ca_7

Continuous Monitoring (CA-7)

ffiec_d_3_pc_im_b_2

D3.PC.IM.B.2

ffiec_d_3_pc_im_b_1

D3.PC.Im.B.1

nist_csf_de_cm_5

DE.CM-5

nist_csf_de_dp_4

DE.DP-4

all_controls_elb

nist_800_53_rev_4_si_4

Information System Monitoring (SI-4)

fedramp_moderate_rev_4_si_4_a_b_c

SI-4(a)(b)(c)

cisa_cyber_essentials_your_data_2

Your Data-2

cisa_cyber_essentials_your_data_3

Your Data-3

cisa_cyber_essentials_your_systems_3

Your Systems-3

ELB application load balancers should have Web Application Firewall (WAF) enabled

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: ELB application load balancers should have Web Application Firewall (WAF) enabled

Description

Usage

SQL

Tags