Warden CSPM Rules Release Notes

Release 2023.04.27

Amazon Web Services (AWS)

  • Rule update
    • Ensure KMS Customer-Managed Keys Are Not Publicly Accessible
      • Bug fixes and remediation update

Release 2023.04.20

Amazon Web Services (AWS)

  • 4 new rules
    • Enable Continuous Backups for DynamoDB Tables
    • Ensure KMS Customer-Managed Keys Are Not Publicly Accessible
    • Enable IAM DB Authentication for RDS Databases
    • Enable Automated Backups and Set Appropriate Retention Period for RDS Databases

Huawei Cloud

  • Rule update
    • Ensure That CMK Rotation Is Enabled
      • Rule logic update to exclude default and disabled customer-managed keys
      • Reference link updated
    • Ensure CloudTrace Log File Integrity Validation Is Enabled for Management Tracker
      • Rule title update to indicate that this is for management trackers only
      • Rule logic update to exclude data trackers, as they are not supported on Huawei Cloud
    • RDS Instance Delete Protection Not Enabled
      • Rule logic update to exclude "Prepaid" (Subscription) billing method as it is not supported on Huawei Cloud
    • Ensure ELB Certificate Has Not Expired
      • Bug fix due to Huawei API changes

Azure

  • Rule update
    • Azure Load Balancer With No Backend Pool Instances Found
      • Rule logic update to accept backend pool without IP

Release 2023.04.14

Amazon Web Services (AWS)

  • Rule update
    • SQS Server Side Encryption Not Enabled
      • Rule logic update to accept SSE-SQS as a server-side encryption method

Release 2023.03.31

Huawei Cloud

  • Rules update
    • Ensure That ELB Listeners Are Encrypted
      • Rule logic update to check for the HTTP protocol or use of port 80, taking into account that the network load balancer does not have HTTPS
    • Ensure the CloudTrace Management Tracker Exports to Log Tank Service (LTS)
      • Updated remediation steps

Release 2023.03.17

Amazon Web Services (AWS)

  • 4 new rules
    • Enable Encryption at Rest for Redshift Clusters
    • Ensure Redshift Clusters Are Not Publicly Accessible
    • Enable Automated Snapshots and Set Appropriate Retention Period for Redshift Clusters
    • Enable KMS Customer-Managed Keys for Redshift Clusters

Huawei Cloud

  • 2 custom parameter-enabled rules
    • Ensure Access Keys Are Rotated Every 90 Days or Less
      • Configurable from 1 day to 365 days
    • Ensure IAM Password Policy Requires Uppercase Letters, Lowercase Letters, Digits and Special Characters
      • Configurable from 1 to 4 combinations

Release 2023.03.10

Alibaba Cloud

  • 5 new rules
    • No Unused Elastic IP Addresses
    • Ensure that Access is Restricted from the Internet For MongoDB Service
    • Ensure that Access is Restricted from the Internet For Redis Service
    • Enable Release Protection for Redis Instance
    • Redis Instance Whitelist Settings Not Configured to 0.0.0.0/0