Root User without MFA
The root account is the highest privileged user in the cloud account. Multi-Factor Authentication (MFA) adds another mechanism of authentication...
Blog
RDS database instance is using the default master username
An Amazon Relational Database Service (Amazon RDS) DB instance is an isolated database environment running in the cloud. The DB...
GKE using certificate based authentication
A client certificate is a base64-encoded public certificate used by clients to authenticate to the cluster endpoint. Client certificates can...
GKE using Basic Authentication
Basic Authentication allows a user to authenticate to a Kubernetes cluster with a username and static password which is stored...
Key Vault secret without expiration time
Expiration time is not set for {AzureKeyVaultSecret}. It is recommended that secrets be rotated in the key vault and set...
Root User without Hardware MFA
The root user account is the most privileged user in an AWS account. MFA adds an extra layer of protection...
User auth tokens are not rotated in the last 90 days
An auth token is an Oracle-generated token string that you can use to authenticate with third-party APIs that do not...
User With Multiple SSH Keys
Identify and deactivate any unnecessary IAM SSH public keys used to authenticate to AWS CodeCommit repositories. Amazon allows you to...
Access Keys Rotation (90 days)
Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that...