logo

Database

Security

Rules

Security Rules define automated logic and checks across code, cloud, applications, and binaries. They provide a structured approach to identifying vulnerabilities, strengthening secure development practices, and aligning with compliance and risk-management standards.

Total rules

1,404

Targets covered

36

Mapped standards

156

CSPM-0DFDW

CSPM

Aws Password And Access Keys

0.6

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-250

Last update time: Mar 17, 2026

CSPM-0ED1D

CSPM

Aws Auto Backups Disabled

1.8

Low

Target: AWS

Technology: ELASTICACHE

CWE ID(s):

CWE-732

Last update time: Mar 17, 2026

CSPM-0FTDG

CSPM

Aws Cluster Logging Disabled

0.6

Low

Target: AWS

Technology: KAFKA

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-0ICWN

CSPM

Aws Instance Tls Disabled

0.6

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-327

Last update time: Mar 17, 2026

CSPM-0W4GF

CSPM

Aws Trail Bucket Logging Disabled

0.6

Low

Target: AWS

Technology: S3

CWE ID(s):

CWE-778

Last update time: Mar 20, 2026

CSPM-1FELR

CSPM

Aws Invalid Header Fields Not Dropped

1.3

Low

Target: AWS

Technology: ELBV2

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-233C2

CSPM

Aws Public Buckets

0.5

Low

Target: AWS

Technology: S3

CWE ID(s):

CWE-250

Last update time: Mar 20, 2026

CSPM-2PI3R

CSPM

Aws Insecure Transport

0.6

Low

Target: AWS

Technology: S3

CWE ID(s):

CWE-319

Last update time: Mar 19, 2026

CSPM-3EESR

CSPM

Aws Multiple Network Interfaces

4.6

Medium

Target: AWS

Technology: EC2

CWE ID(s):

CWE-497

Last update time: Mar 17, 2026

CSPM-3ESTU

CSPM

Aws Unencrypted Snapshots

2.1

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-497

Last update time: Mar 17, 2026

CSPM-3WUW3

CSPM

Aws Public Queue

0.5

Low

Target: AWS

Technology: SQS

CWE ID(s):

CWE-250

Last update time: Mar 19, 2026

CSPM-42IPA

CSPM

Aws Admin Ports Open

2.7

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-4I4IP

CSPM

Aws Persistent Logs

0.6

Low

Target: AWS

Technology: ELASTIC_BEANSTALK

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-56SNE

CSPM

Aws Sqs Encryption Disabled

1.3

Low

Target: AWS

Technology: SQS

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-5ESSI

CSPM

Aws No Sensitive Info Filter

1.3

Low

Target: AWS

Technology: BEDROCK

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-5TAIS

CSPM

Aws Certificate Expired

1.3

Low

Target: AWS

Technology: ACM

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-6FAII

CSPM

Aws Cache Encryption Disabled

1.3

Low

Target: AWS

Technology: API_GATEWAY

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-6RTHW

CSPM

Aws Virtual Gateway Tls Disabled

0.6

Low

Target: AWS

Technology: APP_MESH

CWE ID(s):

CWE-327

Last update time: Nov 27, 2025

CSPM-AAHAS

CSPM

Aws Anyone Can Publish

1.3

Low

Target: AWS

Technology: SNS

CWE ID(s):

CWE-306

Last update time: Mar 20, 2026

CSPM-AALWE

CSPM

Aws Default Allows All Traffic

2.7

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-ADFWN

CSPM

Aws Old Credentials Enabled

2.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Mar 19, 2026

CSPM-AEYSE

CSPM

Aws Master Keys Exposed

0.5

Low

Target: AWS

Technology: KMS

CWE ID(s):

CWE-250

Last update time: Mar 20, 2026

CSPM-AFS3U

CSPM

Aws Password Expiration Unsafe

2.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Nov 27, 2025

CSPM-AIUCK

CSPM

Aws Acl Public Buckets

8.1

High

Target: AWS

Technology: S3

CWE ID(s):

CWE-552

Last update time: Nov 27, 2025

CSPM-AIW3E

CSPM

Aws Group Permissive Inline Policies

0.5

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-250

Last update time: Mar 19, 2026

CSPM-ALRPL

CSPM

Aws All Ports Open Public

2.7

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-AM3F6

CSPM

Aws Password Reuse Unsafe

1.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Nov 27, 2025

CSPM-AOTC1

CSPM

Aws Root Access Keys

1.3

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-306

Last update time: Mar 19, 2026

CSPM-AREES

CSPM

Aws Intercontainer Encryption Disabled

1.3

Low

Target: AWS

Technology: SAGEMAKER

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-ATAEH

CSPM

Aws Backup Retention Period

1.8

Low

Target: AWS

Technology: ELASTICACHE

CWE ID(s):

CWE-732

Last update time: Mar 17, 2026

CSPM-ATCPT

CSPM

Aws Unencrypted Secrets

1.3

Low

Target: AWS

Technology: EKS

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-ATIOU

CSPM

Aws Private Buckets Not Blocking Acls

0.5

Low

Target: AWS

Technology: S3

CWE ID(s):

CWE-250

Last update time: Nov 27, 2025

CSPM-AWEDE

CSPM

Aws Terminate Shutdown Behavior

4.6

Medium

Target: AWS

Technology: EC2

CWE ID(s):

CWE-497

Last update time: Mar 17, 2026

CSPM-BN6FS

CSPM

Aws Public Snapshot

1.3

Low

Target: AWS

Technology: EBS

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-BPUHB

CSPM

Aws Public Clusters

1.3

Low

Target: AWS

Technology: REDSHIFT

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-BRNAC

CSPM

Aws Insecure Ssl Cipher

0.5

Low

Target: AWS

Technology: ELBV2

CWE ID(s):

CWE-327

Last update time: Mar 17, 2026

CSPM-C0LGW

CSPM

Aws Delivery Failing

0.6

Low

Target: AWS

Technology: CLOUDTRAIL

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-C4ULA

CSPM

Aws Without Audit Logs

0.6

Low

Target: AWS

Technology: DOCDB

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-CAIWI

CSPM

Aws Policy Misconfigured

0.5

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-250

Last update time: Mar 20, 2026

CSPM-CRNSE

CSPM

Aws Automatic Rotation Disabled

1.7

Low

Target: AWS

Technology: SECRETS_MANAGER

CWE ID(s):

CWE-262

Last update time: Mar 17, 2026

CSPM-CSONB

CSPM

Aws Anyone Can Subscribe

1.3

Low

Target: AWS

Technology: SNS

CWE ID(s):

CWE-306

Last update time: Mar 20, 2026

CSPM-CTEER

CSPM

Aws Cluster Snapshot Unencrypted

1.3

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-CW0N2

CSPM

Aws Rfc1918 Ip Ranges

0.5

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-DAAIG

CSPM

Aws Access Logging Disabled

0.6

Low

Target: AWS

Technology: ELBV2

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-DD6LT

CSPM

Aws Cluster Encryption Disabled

1.3

Low

Target: AWS

Technology: DAX

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-DEEAC

CSPM

Aws Mfa Disabled Console Users

2.4

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-308

Last update time: Mar 17, 2026

CSPM-DLEEN

CSPM

Aws Encryption At Rest Disabled

1.3

Low

Target: AWS

Technology: OPENSEARCH

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-DNPYN

CSPM

Aws Db Snapshot Unencrypted

1.3

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-DOIT2

CSPM

Aws Modify Instance Attribute

4.6

Medium

Target: AWS

Technology: EC2

CWE ID(s):

CWE-497

Last update time: Mar 20, 2026

CSPM-DOPAL

CSPM

Aws Public Snapshots

1.3

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-DTF6L

CSPM

Aws Broker Broker Tls Disabled

0.6

Low

Target: AWS

Technology: KAFKA

CWE ID(s):

CWE-327

Last update time: Mar 17, 2026

CSPM-DWEFP

CSPM

Aws Domain Exposed

0.6

Low

Target: AWS

Technology: OPENSEARCH

CWE ID(s):

CWE-250

Last update time: Mar 20, 2026

CSPM-DWGAF

CSPM

Aws Mfa Disabled

1.3

Low

Target: AWS

Technology: COGNITO

CWE ID(s):

CWE-308

Last update time: Mar 17, 2026

CSPM-EDIAA

CSPM

Aws Iam Authentication Disabled

1.3

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-EENI9

CSPM

Aws Files Not Validated

0.6

Low

Target: AWS

Technology: CLOUDTRAIL

CWE ID(s):

CWE-117

Last update time: Nov 27, 2025

CSPM-EFSLR

CSPM

Aws Allow All Ingress

0.5

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-EIESN

CSPM

Aws Privilege Escalation By Policy Versions

5.9

Medium

Target: AWS

Technology: IAM

CWE ID(s):

CWE-78

Last update time: Mar 20, 2026

CSPM-EIRRA

CSPM

Aws Ssl Not Required

1.3

Low

Target: AWS

Technology: REDSHIFT

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-ENR65

CSPM

Aws Transfer Lock Disabled

1.3

Low

Target: AWS

Technology: ROUTE53

CWE ID(s):

CWE-306

Last update time: Mar 17, 2026

CSPM-EOD7B

CSPM

Aws Old Ssh Public Keys

2.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Mar 17, 2026

CSPM-EODOA

CSPM

Aws Elbv2 Deletion Protection Disabled

4.6

Medium

Target: AWS

Technology: ELBV2

CWE ID(s):

CWE-732

Last update time: Mar 17, 2026

CSPM-EOSTE

CSPM

Aws Not Requires Numbers

1.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Nov 27, 2025

CSPM-ERLNW

CSPM

Aws Opensearch Insecure Tls Version

0.6

Low

Target: AWS

Technology: OPENSEARCH

CWE ID(s):

CWE-327

Last update time: Mar 17, 2026

CSPM-ESPIS

CSPM

Aws Public Instances

2.7

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-863

Last update time: Nov 27, 2025

CSPM-ESU11

CSPM

Aws Full Ssm Access

0.6

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-250

Last update time: Mar 20, 2026

CSPM-EU9TU

CSPM

Aws Unrestricted Cluster Security Groups

0.5

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-1327

Last update time: Nov 27, 2025

CSPM-EWCRF

CSPM

Aws Allow All Egress

1.7

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-F4EWG

CSPM

Aws Without Flowlog

0.6

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-FBPEE

CSPM

Aws At Rest Encryption Disabled

1.3

Low

Target: AWS

Technology: ELASTICACHE

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-FCCCE

CSPM

Aws Unrestricted Broker Access

0.6

Low

Target: AWS

Technology: KAFKA

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-FDIII

CSPM

Aws Unrestricted Ip Protocols

0.6

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-FRCAW

CSPM

Aws Unrestricted Ftp Access

0.5

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026

CSPM-GAP6W

CSPM

Aws Api Gateway Insecure Tls Version

1.3

Low

Target: AWS

Technology: API_GATEWAY

CWE ID(s):

CWE-327

Last update time: Mar 17, 2026

CSPM-GGBGI

CSPM

Aws Audit Logging Disabled

0.6

Low

Target: AWS

Technology: REDSHIFT

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-GLWUC

CSPM

Aws Catalog Encryption Disabled

1.3

Low

Target: AWS

Technology: GLUE

CWE ID(s):

CWE-306

Last update time: Nov 27, 2025

CSPM-GTRRI

CSPM

Aws Root Signing Certificates

1.3

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-306

Last update time: Mar 19, 2026

CSPM-HPTFC

CSPM

Aws Traffic Allows Http

0.6

Low

Target: AWS

Technology: CLOUDFRONT

CWE ID(s):

CWE-319

Last update time: Nov 27, 2025

CSPM-HWNAF

CSPM

Aws Domain Allows Http

0.6

Low

Target: AWS

Technology: OPENSEARCH

CWE ID(s):

CWE-319

Last update time: Nov 27, 2025

CSPM-I0OGR

CSPM

Aws Referencing Missing S3 Bucket

0.6

Low

Target: AWS

Technology: CONFIG

CWE ID(s):

CWE-778

Last update time: Nov 27, 2025

CSPM-IAE3Q

CSPM

Aws Not Requires Lowercase

2.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Nov 27, 2025

CSPM-IFFON

CSPM

Aws Unapproved Amis

4.6

Medium

Target: AWS

Technology: EC2

CWE ID(s):

CWE-497

Last update time: Mar 17, 2026

CSPM-IIRFA

CSPM

Aws Root Without Mfa

2.4

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-308

Last update time: Nov 27, 2025

CSPM-IPCSC

CSPM

Aws Associate Public Ip

4.6

Medium

Target: AWS

Technology: EC2

CWE ID(s):

CWE-497

Last update time: Mar 17, 2026

CSPM-ITDIE

CSPM

Aws Redshift Encryption Disabled

1.2

Low

Target: AWS

Technology: REDSHIFT

CWE ID(s):

CWE-312

Last update time: Mar 17, 2026

CSPM-IWERI

CSPM

Aws Versioning Disabled

4.6

Medium

Target: AWS

Technology: S3

CWE ID(s):

CWE-922

Last update time: Mar 17, 2026

CSPM-L0IIO

CSPM

Aws User Activity Logging Disabled

0.6

Low

Target: AWS

Technology: REDSHIFT

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-L0R0D

CSPM

Aws Instance Logs Disabled

0.6

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-LALSD

CSPM

Aws Docdb Cluster Tls Disabled

0.5

Low

Target: AWS

Technology: DOCDB

CWE ID(s):

CWE-327

Last update time: Mar 17, 2026

CSPM-LAUQA

CSPM

Aws Not Requires Symbols

2.7

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-521

Last update time: Nov 27, 2025

CSPM-LBCGL

CSPM

Aws Privilege Escalation By Attach Policy

6.1

Medium

Target: AWS

Technology: IAM

CWE ID(s):

CWE-78

Last update time: Mar 20, 2026

CSPM-LGFGS

CSPM

Aws Cloudfront Logging Disabled

0.6

Low

Target: AWS

Technology: CLOUDFRONT

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-LL5EI

CSPM

Aws Delete Recovery Points Allowed

1.3

Low

Target: AWS

Technology: BACKUP

CWE ID(s):

CWE-306

Last update time: Mar 19, 2026

CSPM-LLO0O

CSPM

Aws Insecure Protocols

0.6

Low

Target: AWS

Technology: CLOUDFRONT

CWE ID(s):

CWE-327

Last update time: Nov 27, 2025

CSPM-LLPPD

CSPM

Aws Neptune Instance Logs Disabled

0.6

Low

Target: AWS

Technology: NEPTUNE

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-LSOFA

CSPM

Aws Cluster Logs Disabled

0.6

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-778

Last update time: Mar 17, 2026

CSPM-LWNAI

CSPM

Aws Trails Not Multiregion

0.6

Low

Target: AWS

Technology: CLOUDTRAIL

CWE ID(s):

CWE-778

Last update time: Nov 27, 2025

CSPM-M6B6D

CSPM

Aws Automated Backups Disabled

2

Low

Target: AWS

Technology: RDS

CWE ID(s):

CWE-732

Last update time: Mar 17, 2026

CSPM-NAMEP

CSPM

Aws Open Passrole

0.6

Low

Target: AWS

Technology: IAM

CWE ID(s):

CWE-250

Last update time: Mar 20, 2026

CSPM-NELE1

CSPM

Aws Default Event Bus Exposed

1.3

Low

Target: AWS

Technology: EVENTS

CWE ID(s):

CWE-306

Last update time: Mar 20, 2026

CSPM-NESFG

CSPM

Aws Insecure Port Ranges

0.6

Low

Target: AWS

Technology: EC2

CWE ID(s):

CWE-1327

Last update time: Mar 17, 2026