aws_compliance

AWS Compliance

To help with logging and monitoring within your environment, enable AWS WAF (V2) logging on regional and global web ACLs.

wafv2_web_acl_logging_enabled

pci_dss_v321_requirement_10_1

10.1 Implement audit trails to link all access to system components to each individual user

gxp_21_cfr_part_11_11_10_e

11.10(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records

hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_d

164.308(a)(1)(ii)(D) Information system activity review

hipaa_security_rule_2003_164_308_a_1_ii_d

hipaa_final_omnibus_security_rule_2013_164_308_a_4_ii_a

164.308(a)(4)(ii)(A) Isolating healthcare clearing house functions

hipaa_security_rule_2003_164_308_a_4_ii_a

hipaa_security_rule_2003_164_312_b

164.312(b) Audit controls

hipaa_final_omnibus_security_rule_2013_164_312_b

nist_800_171_rev_2_3_1_12

3.1.12 Monitor and control remote access sessions

rbi_itf_nbfc_3_1_h

3.1.h Trails

nist_800_171_rev_2_3_13_1

3.13.1 Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems

nist_800_171_rev_2_3_13_5

3.13.5 Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks

nist_800_171_rev_2_3_14_6

3.14.6 Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks

nist_800_171_rev_2_3_14_7

3.14.7 Identify unauthorized use of organizational systems

pci_dss_v321_requirement_3_2_3

3.2.3 Do not store the personal identification number (PIN) or the encrypted PIN block after authorization

nist_800_171_rev_2_3_3_1

3.3.1 Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity

nist_800_171_rev_2_3_3_3

3.3.3 Review and update logged events

pci_dss_v321_requirement_3_4_d

3.4.d Examine a sample of audit logs, including payment application logs, to confirm that PAN is rendered unreadable or is not present in the logs

nist_800_171_rev_2_3_6_1

3.6.1 Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities

nist_800_171_rev_2_3_6_2

3.6.2 Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization

nydfs_23_500_02_b_3

500.02(b)(3)

nydfs_23_500_06_a

500.06(a)

nydfs_23_500_14_a

500.14(a)

cis_controls_v8_ig1_8_2

8.2 Collect Audit Logs

soc_2_a_1_2

A1.2 The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives

fedramp_moderate_rev_4_ac_2_g

AC-2(g)

nist_800_53_rev_5_ac_4_26

AC-4(26) Audit Filtering Actions

acsc_essential_eight_ml_2_1_3

ACSC-EE-ML2-1.3: Application control ML2

acsc_essential_eight_ml_2_5_11

ACSC-EE-ML2-5.11: Restrict administrative privileges ML2

acsc_essential_eight_ml_2_5_12

ACSC-EE-ML2-5.12: Restrict administrative privileges ML2

acsc_essential_eight_ml_2_7_7

ACSC-EE-ML2-7.7: Multi-factor authentication ML2

nist_800_53_rev_5_au_12_1

AU-12(1) System-Wide And Time-Correlated Audit Trial

nist_800_53_rev_5_au_12_2

AU-12(2) Standardized Formats

nist_800_53_rev_5_au_12_3

AU-12(3) Changes By Authorized Individuals

nist_800_53_rev_5_au_12_4

AU-12(4) Query Parameter Audits Of Personally Identifiable Information

nist_800_53_rev_5_au_12_a

AU-12(a)

fedramp_moderate_rev_4_au_12_a_c

AU-12(a)(c)

nist_800_53_rev_5_au_12_c

AU-12(c)

nist_800_53_rev_5_au_14_3

AU-14(3) Remote Viewing And Listening

nist_800_53_rev_5_au_14_a

AU-14(a)

nist_800_53_rev_5_au_14_b

AU-14(b)

fedramp_moderate_rev_4_au_2_a_d

AU-2(a)(d)

nist_800_53_rev_5_au_2_b

AU-2(b)

nist_800_53_rev_5_au_3_a

AU-3(a)

nist_800_53_rev_5_au_3_b

AU-3(b)

nist_800_53_rev_5_au_3_c

AU-3(c)

nist_800_53_rev_5_au_3_d

AU-3(d)

nist_800_53_rev_5_au_3_e

AU-3(e)

nist_800_53_rev_5_au_3_f

AU-3(f)

fedramp_moderate_rev_4_au_6_1_3

AU-6(1)(3)

nist_800_53_rev_5_au_6_3

AU-6(3) Correlate Audit Record Repositories

nist_800_53_rev_5_au_6_4

AU-6(4) Central Review And Analysis

nist_800_53_rev_5_au_6_6

AU-6(6) Correletion With Physical Monitoring

nist_800_53_rev_5_au_6_9

AU-6(9) Correletion With From Nontechnical Sources

nist_800_53_rev_5_au_8_b

AU-8(b)

fedramp_low_rev_4_ac_2

Account Management (AC-2)

rbi_cyber_security_annex_i_7_4

Annex I (7.4)

article_32

Article 32 Security of processing

fedramp_low_rev_4_au_2

Audit Events (AU-2)

nist_800_53_rev_4_au_12

Audit Generation (AU-12)

fedramp_low_rev_4_sc_7

Boundary Protection (SC-7)

nist_800_53_rev_4_sc_7

fedramp_moderate_rev_4_sc_7

nist_800_53_rev_5_ca_7_b

CA-7(b)

soc_2_cc_7_2

CC7.2 The entity monitors system components and the operation of those components for anomalies that are indicative of malicious acts, natural disasters, and errors affecting the entity's ability to meet its objectives; anomalies are analyzed to determine whether they represent security events

nist_800_53_rev_5_cm_5_1_b

CM-5(1)(b)

fedramp_moderate_rev_4_au_3

Content of Audit Records (AU-3)

nist_800_53_rev_4_au_3

nist_800_53_rev_5_pm_31

Continuous Monitoring Strategy (PM-31)

ffiec_d_2_ma_ma_b_1

D2.MA.Ma.B.1

ffiec_d_3_dc_an_b_3

D3.DC.An.B.3

ffiec_d_3_dc_an_b_4

D3.DC.An.B.4

ffiec_d_3_pc_im_b_3

D3.PC.IM.B.3

ffiec_d_5_dr_de_b_3

D5.DR.De.B.3

nist_csf_de_ae_1

DE.AE-1

nist_csf_de_ae_3

DE.AE-3

nist_csf_de_cm_5

DE.CM-5

nist_csf_de_dp_4

DE.DP-4

nist_800_53_rev_4_au_2

Event Logging (AU-2)

nist_800_53_rev_5_ia_3_3_b

IA-3(3)(b)

nist_800_53_rev_4_si_4

Information System Monitoring (SI-4)

nist_800_53_rev_5_ma_4_1_a

MA-4(1)(a)

nist_800_53_rev_5_au_10

Non-Repudiation (AU-10)

nist_800_53_rev_5_pm_14_a_1

PM-14(a)(1)

nist_800_53_rev_5_pm_14_b

PM-14(b)

nist_csf_pr_pt_1

PR.PT-1

nist_800_53_rev_5_sc_7_9_b

SC-7(9)(b)

nist_800_53_rev_5_si_4_17

SI-4(17) Integrated Situational Awareness

fedramp_moderate_rev_4_si_4_a_b_c

SI-4(a)(b)(c)

nist_800_53_rev_5_si_7_8

SI-7(8) Auditing Capability For Significant Events

all_controls_wafv2

WAFv2

cisa_cyber_essentials_your_data_2

Your Data-2

cisa_cyber_essentials_your_systems_3

Your Systems-3

Logging should be enabled on AWS WAFv2 regional and global web access control list (ACLs)

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: Logging should be enabled on AWS WAFv2 regional and global web access control list (ACLs)

Description

Usage

SQL

Tags