CIS Control 5

5.1.1 Ensure EBS Volume Encryption is Enabled in All Regions (Automated)
Profile Applicability: Level 1 Description: Elastic Block Store (EBS) provides encryption at rest for Amazon EC2 instances. While EBS encryption is disab...
Wed, 19 Feb, 2025 at 11:19 PM
5.1.2 Ensure CIFS Access is Restricted to Trusted Networks to Prevent Unauthorized Access (Manual)
Profile Applicability: Level 1 Description: Common Internet File System (CIFS) is a network file-sharing protocol that allows systems to share files over...
Mon, 17 Feb, 2025 at 9:11 PM
5.2 Ensure no Network ACLs allow ingress from 0.0.0.0/0 to Remote Server Administration Ports (Automated)
Profile Applicability: Level 1 Description: The Network Access Control List (NACL) function provides stateless filtering of ingress and egress network tr...
Mon, 17 Feb, 2025 at 9:09 PM
5.3 Ensure No Security Groups Allow Ingress from 0.0.0.0/0 to Remote Server Administration Ports (Automated)
Profile Applicability: Level 1 Description: AWS Security Groups provide stateful filtering for inbound and outbound network traffic to AWS resources. It ...
Mon, 17 Feb, 2025 at 8:50 AM
5.4 Ensure No Security Groups Allow Ingress from ::/0 to Remote Server Administration Ports (Automated)
Profile Applicability: Level 1 Description: Security Groups provide stateful filtering of ingress and egress network traffic to AWS resources. It is reco...
Mon, 17 Feb, 2025 at 7:10 AM
5.5 Ensure the Default Security Group of Every VPC Restricts All Traffic (Automated)
Profile Applicability: Level 2 Description: Each AWS VPC has a default security group that, by default: Denies all inbound traffic Allows all outbo...
Thu, 20 Feb, 2025 at 4:10 AM
5.6 Ensure Routing Tables for VPC Peering are "Least Access" (Manual)
Profile Applicability: Level 2 Description: When establishing VPC Peering, routing tables must be updated to enable connectivity between the peered VPCs....
Mon, 17 Feb, 2025 at 7:03 AM
5.7 Ensure that the EC2 Metadata Service Only Allows IMDSv2 (Automated)
Profile Applicability: Level 1 Description: When enabling the Metadata Service on AWS EC2 instances, users can choose between: IMDSv1 (Request/Respons...
Fri, 14 Feb, 2025 at 3:56 AM