Dump controls
actions-user committed Dec 17, 2024
1 parent 5bc7535 commit 902ec6c
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions security-hub-controls.jsonl
Expand Up @@ -512,10 +512,10 @@
{"Id":"S3.22","Title":"S3 general purpose buckets should log object-level write events","ApplicableStandards":["CIS AWS Foundations Benchmark v3.0.0","PCI DSS v4.0.1"],"Severity":"MEDIUM","SupportsCustomParameters":"No","ScheduleType":"Periodic"}
{"Id":"S3.23","Title":"S3 general purpose buckets should log object-level read events","ApplicableStandards":["CIS AWS Foundations Benchmark v3.0.0","PCI DSS v4.0.1"],"Severity":"MEDIUM","SupportsCustomParameters":"No","ScheduleType":"Periodic"}
{"Id":"S3.24","Title":"S3 Multi-Region Access Points should have block public access settings enabled","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","PCI DSS v4.0.1"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Change triggered"}
{"Id":"SageMaker AI.1","Title":"Amazon SageMaker AI notebook instances should not have direct internet access","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5","PCI DSS v3.2.1","PCI DSS v4.0.1","Service-Managed Standard: AWS Control Tower"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Periodic"}
{"Id":"SageMaker AI.2","Title":"SageMaker AI notebook instances should be launched in a custom VPC","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","Service-Managed Standard: AWS Control Tower","NIST SP 800-53 Rev. 5"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Change triggered"}
{"Id":"SageMaker AI.3","Title":"Users should not have root access to SageMaker AI notebook instances","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","Service-Managed Standard: AWS Control Tower","NIST SP 800-53 Rev. 5"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Change triggered"}
{"Id":"SageMaker AI.4","Title":"SageMaker AI endpoint production variants should have an initial instance count greater than 1","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5"],"Severity":"MEDIUM","SupportsCustomParameters":"No","ScheduleType":"Periodic"}
{"Id":"SageMaker.1","Title":"Amazon SageMaker AI notebook instances should not have direct internet access","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5","PCI DSS v3.2.1","PCI DSS v4.0.1","Service-Managed Standard: AWS Control Tower"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Periodic"}
{"Id":"SageMaker.2","Title":"SageMaker AI notebook instances should be launched in a custom VPC","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","Service-Managed Standard: AWS Control Tower","NIST SP 800-53 Rev. 5"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Change triggered"}
{"Id":"SageMaker.3","Title":"Users should not have root access to SageMaker AI notebook instances","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","Service-Managed Standard: AWS Control Tower","NIST SP 800-53 Rev. 5"],"Severity":"HIGH","SupportsCustomParameters":"No","ScheduleType":"Change triggered"}
{"Id":"SageMaker.4","Title":"SageMaker AI endpoint production variants should have an initial instance count greater than 1","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5"],"Severity":"MEDIUM","SupportsCustomParameters":"No","ScheduleType":"Periodic"}
{"Id":"SecretsManager.1","Title":"Secrets Manager secrets should have automatic rotation enabled","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5","PCI DSS v4.0.1","Service-Managed Standard: AWS Control Tower"],"Severity":"MEDIUM","SupportsCustomParameters":"Yes","ScheduleType":"Change triggered"}
{"Id":"SecretsManager.2","Title":"Secrets Manager secrets configured with automatic rotation should rotate successfully","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5","PCI DSS v4.0.1","Service-Managed Standard: AWS Control Tower"],"Severity":"MEDIUM","SupportsCustomParameters":"No","ScheduleType":"Change triggered"}
{"Id":"SecretsManager.3","Title":"Remove unused Secrets Manager secrets","ApplicableStandards":["AWS Foundational Security Best Practices v1.0.0","NIST SP 800-53 Rev. 5","Service-Managed Standard: AWS Control Tower"],"Severity":"MEDIUM","SupportsCustomParameters":"Yes","ScheduleType":"Periodic"}
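Review bot: The control `Id` is the key that downstream consumers join on, and in this hunk it is the only field that differs between the two groups of SageMaker records: `SageMaker AI.1` through `SageMaker AI.4` in the first group, `SageMaker.1` through `SageMaker.4` in the second, with `Title`, `ApplicableStandards`, `Severity` and `ScheduleType` identical pair by pair. Anything keyed on `Id` (suppression lists, finding filters, compliance mappings) will read this as four controls vanishing and four new ones appearing, and the commit message "Dump controls" gives no hint of it. I would have the dump job validate each `Id` before committing, for example by rejecting values that contain whitespace, since every other `Id` visible here (`S3.22`, `SecretsManager.1`) is a single token followed by a dot and a number. That way a display-name change in the source fails the run instead of silently rewriting identifiers. Minor: the `.1` title reads "Amazon SageMaker AI" while `.2` through `.4` read "SageMaker AI"; that is carried over unchanged, so no action is needed in this file.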