Terrascan K8s New categories and ruleRef ID changes (#583)

* adding terrascan changes * changing ref id * adding correct refid * updated reference id * adding updated rule reference id * updating erverity * updating cetegories * updated rule reference id * updating rule ref id Co-authored-by: apple <avanti@accurics.com>
tenable · Mar 9, 2021 · 6bdcf0c · 6bdcf0c
1 parent 02d312e
commit 6bdcf0c
Show file tree

Hide file tree

Showing 90 changed files with 138 additions and 138 deletions.
diff --git a/...ubernetes_ingress/AC-K8-NS-IN-H-0020.json → ...ubernetes_ingress/AC-K8-IS-IN-M-0002.json b/...ubernetes_ingress/AC-K8-NS-IN-H-0020.json → ...ubernetes_ingress/AC-K8-IS-IN-M-0002.json
@@ -6,9 +6,9 @@
         "prefix": "",
         "suffix": ""
     },
-    "severity": "HIGH",
+    "severity": "MEDIUM",
     "description": "TLS disabled can affect the confidentiality of the data in transit",
-    "reference_id": "AC-K8-NS-IN-H-0020",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-IN-M-0002",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...ernetes_namespace/AC-K8-OE-NS-L-0128.json → ...ernetes_namespace/AC-K8-SP-NS-L-0013.json b/...ernetes_namespace/AC-K8-OE-NS-L-0128.json → ...ernetes_namespace/AC-K8-SP-NS-L-0013.json
@@ -8,7 +8,7 @@
     },
     "severity": "LOW",
     "description": "No owner for namespace affects the operations",
-    "reference_id": "AC-K8-OE-NS-L-0128",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-NS-L-0013",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...amespace/accurics.kubernetes.OPS.460.json → ...ernetes_namespace/AC-K8-SP-NS-L-0259.json b/...amespace/accurics.kubernetes.OPS.460.json → ...ernetes_namespace/AC-K8-SP-NS-L-0259.json
@@ -10,7 +10,7 @@
     },
     "severity": "LOW",
     "description": "The default namespace should not be used",
-    "reference_id": "accurics.kubernetes.OPS.460",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-NS-L-0259",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...amespace/accurics.kubernetes.OPS.461.json → ...ernetes_namespace/AC-K8-SP-NS-L-0461.json b/...amespace/accurics.kubernetes.OPS.461.json → ...ernetes_namespace/AC-K8-SP-NS-L-0461.json
@@ -10,7 +10,7 @@
     },
     "severity": "LOW",
     "description": "The default namespace should not be used",
-    "reference_id": "accurics.kubernetes.OPS.461",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-NS-L-0461",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...amespace/accurics.kubernetes.OPS.462.json → ...ernetes_namespace/AC-K8-SP-NS-L-0462.json b/...amespace/accurics.kubernetes.OPS.462.json → ...ernetes_namespace/AC-K8-SP-NS-L-0462.json
@@ -10,7 +10,7 @@
     },
     "severity": "LOW",
     "description": "The default namespace should not be used",
-    "reference_id": "accurics.kubernetes.OPS.462",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-NS-L-0462",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PK-M-0034.json → ...8s/kubernetes_pod/AC-K8-CV-PK-M-0021.json b/...8s/kubernetes_pod/AC-K8-OE-PK-M-0034.json → ...8s/kubernetes_pod/AC-K8-CV-PK-M-0021.json
@@ -13,7 +13,7 @@
     },
     "severity": "MEDIUM",
     "description": "AlwaysPullImages plugin is not set",
-    "reference_id": "AC-K8-OE-PK-M-0034",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-CV-PK-M-0021",
+    "category": "Compliance Validation",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-CA-PO-H-0165.json → ...8s/kubernetes_pod/AC-K8-CV-PO-H-0085.json b/...8s/kubernetes_pod/AC-K8-CA-PO-H-0165.json → ...8s/kubernetes_pod/AC-K8-CV-PO-H-0085.json
@@ -15,7 +15,7 @@
     },
     "severity": "HIGH",
     "description": "Containers Should Not Run with AllowPrivilegeEscalation",
-    "reference_id": "AC-K8-CA-PO-H-0165",
-    "category": "Cloud Assets Management",
+    "reference_id": "AC-K8-CV-PO-H-0085",
+    "category": "Compliance Validation",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-DS-PO-M-0176.json → ...8s/kubernetes_pod/AC-K8-DP-PO-M-0067.json b/...8s/kubernetes_pod/AC-K8-DS-PO-M-0176.json → ...8s/kubernetes_pod/AC-K8-DP-PO-M-0067.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure Kubernetes Dashboard Is Not Deployed",
-    "reference_id": "AC-K8-DS-PO-M-0176",
-    "category": "Data Security",
+    "reference_id": "AC-K8-DP-PO-M-0067",
+    "category": "Data Protection",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-DS-PO-M-0177.json → ...8s/kubernetes_pod/AC-K8-DP-PO-M-0071.json b/...8s/kubernetes_pod/AC-K8-DS-PO-M-0177.json → ...8s/kubernetes_pod/AC-K8-DP-PO-M-0071.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure That Tiller (Helm V2) Is Not Deployed",
-    "reference_id": "AC-K8-DS-PO-M-0177",
-    "category": "Data Security",
+    "reference_id": "AC-K8-DP-PO-M-0071",
+    "category": "Data Protection",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0105.json → ...8s/kubernetes_pod/AC-K8-IA-PK-M-0045.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0105.json → ...8s/kubernetes_pod/AC-K8-IA-PK-M-0045.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Ensure that Service Account Tokens are only mounted where necessary",
-    "reference_id": "AC-K8-IA-PO-M-0105",
+    "reference_id": "AC-K8-IA-PK-M-0045",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-H-0106.json → ...8s/kubernetes_pod/AC-K8-IA-PO-H-0046.json b/...8s/kubernetes_pod/AC-K8-IA-PO-H-0106.json → ...8s/kubernetes_pod/AC-K8-IA-PO-H-0046.json
@@ -8,7 +8,7 @@
     },
     "severity": "HIGH",
     "description": "Minimize the admission of privileged containers",
-    "reference_id": "AC-K8-IA-PO-H-0106",
+    "reference_id": "AC-K8-IA-PO-H-0046",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-H-0138.json → ...8s/kubernetes_pod/AC-K8-IA-PO-H-0076.json b/...8s/kubernetes_pod/AC-K8-IA-PO-H-0138.json → ...8s/kubernetes_pod/AC-K8-IA-PO-H-0076.json
@@ -8,7 +8,7 @@
     },
     "severity": "HIGH",
     "description": "Allowing hostPaths to mount to Pod arise the probability of getting access to the node's filesystem",
-    "reference_id": "AC-K8-IA-PO-H-0138",
+    "reference_id": "AC-K8-IA-PO-H-0076",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-H-0168.json → ...8s/kubernetes_pod/AC-K8-IA-PO-H-0087.json b/...8s/kubernetes_pod/AC-K8-IA-PO-H-0168.json → ...8s/kubernetes_pod/AC-K8-IA-PO-H-0087.json
@@ -15,7 +15,7 @@
     },
     "severity": "HIGH",
     "description": "Minimize Admission of Root Containers",
-    "reference_id": "AC-K8-IA-PO-H-0168",
+    "reference_id": "AC-K8-IA-PO-H-0087",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0135.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0073.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0135.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0073.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "AppArmor profile not set to default or custom profile will make the container vulnerable to kernel level threats",
-    "reference_id": "AC-K8-IA-PO-M-0135",
+    "reference_id": "AC-K8-IA-PO-M-0073",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-H-0137.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0074.json b/...8s/kubernetes_pod/AC-K8-IA-PO-H-0137.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0074.json
@@ -8,7 +8,7 @@
     },
     "severity": "HIGH",
     "description": "Allowing the pod to make system level calls provide access to host/node sensitive information",
-    "reference_id": "AC-K8-IA-PO-H-0137",
+    "reference_id": "AC-K8-IA-PO-M-0074",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0139.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0077.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0139.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0077.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Unmasking the procMount will allow more information than is necessary to the program running in the containers spawned by k8s",
-    "reference_id": "AC-K8-IA-PO-M-0139",
+    "reference_id": "AC-K8-IA-PO-M-0077",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0140.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0078.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0140.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0078.json
@@ -15,7 +15,7 @@
     },
     "severity": "MEDIUM",
     "description": "Container images with readOnlyRootFileSystem set as false mounts the container root file system with write permissions",
-    "reference_id": "AC-K8-IA-PO-M-0140",
+    "reference_id": "AC-K8-IA-PO-M-0078",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0141.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0080.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0141.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0080.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Default seccomp profile not enabled will make the container to make non-essential system calls",
-    "reference_id": "AC-K8-IA-PO-M-0141",
+    "reference_id": "AC-K8-IA-PO-M-0080",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0143.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0081.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0143.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0081.json
@@ -16,7 +16,7 @@
     },
     "severity": "MEDIUM",
     "description": "Some volume types mount the host file system paths to the pod or container, thus increasing the chance of escaping the container to access the host",
-    "reference_id": "AC-K8-IA-PO-M-0143",
+    "reference_id": "AC-K8-IA-PO-M-0081",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PO-M-0162.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0082.json b/...8s/kubernetes_pod/AC-K8-IA-PO-M-0162.json → ...8s/kubernetes_pod/AC-K8-IA-PO-M-0082.json
@@ -10,7 +10,7 @@
     },
     "severity": "MEDIUM",
     "description": "Containers Should Not Share Host Process ID Namespace",
-    "reference_id": "AC-K8-IA-PO-M-0162",
+    "reference_id": "AC-K8-IA-PO-M-0082",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-IA-PS-M-0112.json → ...8s/kubernetes_pod/AC-K8-IA-PS-M-0048.json b/...8s/kubernetes_pod/AC-K8-IA-PS-M-0112.json → ...8s/kubernetes_pod/AC-K8-IA-PS-M-0048.json
@@ -9,7 +9,7 @@
     },
     "severity": "MEDIUM",
     "description": "Minimize the admission of containers with the NET_RAW capability",
-    "reference_id": "AC-K8-IA-PS-M-0112",
+    "reference_id": "AC-K8-IA-PS-M-0048",
     "category": "Identity and Access Management",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-H-0117.json → ...8s/kubernetes_pod/AC-K8-IS-PO-H-0051.json b/...8s/kubernetes_pod/AC-K8-NS-PO-H-0117.json → ...8s/kubernetes_pod/AC-K8-IS-PO-H-0051.json
@@ -8,7 +8,7 @@
     },
     "severity": "HIGH",
     "description": "Prefer using secrets as files over secrets as environment variables",
-    "reference_id": "AC-K8-NS-PO-H-0117",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-H-0051",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-M-0122.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0064.json b/...8s/kubernetes_pod/AC-K8-NS-PO-M-0122.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0064.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Apply Security Context to Your Pods and Containers",
-    "reference_id": "AC-K8-NS-PO-M-0122",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0064",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-M-0133.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0069.json b/...8s/kubernetes_pod/AC-K8-NS-PO-M-0133.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0069.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Image without digest affects the integrity principle of image security",
-    "reference_id": "AC-K8-NS-PO-M-0133",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0069",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-H-0170.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0075.json b/...8s/kubernetes_pod/AC-K8-NS-PO-H-0170.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0075.json
@@ -6,9 +6,9 @@
         "prefix": "",
         "suffix": ""
     },
-    "severity": "HIGH",
+    "severity": "MEDIUM",
     "description": "Do Not Use CAP_SYS_ADMIN Linux Capability",
-    "reference_id": "AC-K8-NS-PO-H-0170",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0075",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-M-0182.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0079.json b/...8s/kubernetes_pod/AC-K8-NS-PO-M-0182.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0079.json
@@ -8,7 +8,7 @@
     },
     "severity": "MEDIUM",
     "description": "Containers Should Run as a High UID to Avoid Host Conflict",
-    "reference_id": "AC-K8-NS-PO-M-0182",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0079",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-M-0163.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0083.json b/...8s/kubernetes_pod/AC-K8-NS-PO-M-0163.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0083.json
@@ -10,7 +10,7 @@
     },
     "severity": "MEDIUM",
     "description": "Containers Should Not Share Host IPC Namespace",
-    "reference_id": "AC-K8-NS-PO-M-0163",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0083",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-M-0164.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0084.json b/...8s/kubernetes_pod/AC-K8-NS-PO-M-0164.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0084.json
@@ -10,7 +10,7 @@
     },
     "severity": "MEDIUM",
     "description": "Containers Should Not Share the Host Network Namespace",
-    "reference_id": "AC-K8-NS-PO-M-0164",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0084",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-NS-PO-M-0171.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0088.json b/...8s/kubernetes_pod/AC-K8-NS-PO-M-0171.json → ...8s/kubernetes_pod/AC-K8-IS-PO-M-0088.json
@@ -11,7 +11,7 @@
     },
     "severity": "MEDIUM",
     "description": "Restrict Mounting Docker Socket in a Container",
-    "reference_id": "AC-K8-NS-PO-M-0171",
-    "category": "Network Security",
+    "reference_id": "AC-K8-IS-PO-M-0088",
+    "category": "Infrastructure Security",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PK-M-0155.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0097.json b/...8s/kubernetes_pod/AC-K8-OE-PK-M-0155.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0097.json
@@ -15,7 +15,7 @@
     },
     "severity": "Medium",
     "description": "CPU Request Not Set in config file.",
-    "reference_id": "AC-K8-OE-PK-M-0155",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PK-M-0097",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PK-M-0156.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0098.json b/...8s/kubernetes_pod/AC-K8-OE-PK-M-0156.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0098.json
@@ -15,7 +15,7 @@
     },
     "severity": "Medium",
     "description": "CPU Limits Not Set in config file.",
-    "reference_id": "AC-K8-OE-PK-M-0156",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PK-M-0098",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PK-M-0157.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0099.json b/...8s/kubernetes_pod/AC-K8-OE-PK-M-0157.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0099.json
@@ -15,7 +15,7 @@
     },
     "severity": "Medium",
     "description": "Memory Request Not Set in config file.",
-    "reference_id": "AC-K8-OE-PK-M-0157",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PK-M-0099",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PK-M-0158.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0100.json b/...8s/kubernetes_pod/AC-K8-OE-PK-M-0158.json → ...8s/kubernetes_pod/AC-K8-SP-PK-M-0100.json
@@ -15,7 +15,7 @@
     },
     "severity": "Medium",
     "description": "Memory Limits Not Set in config file.",
-    "reference_id": "AC-K8-OE-PK-M-0158",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PK-M-0100",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PO-M-0166.json → ...8s/kubernetes_pod/AC-K8-SP-PO-H-0086.json b/...8s/kubernetes_pod/AC-K8-OE-PO-M-0166.json → ...8s/kubernetes_pod/AC-K8-SP-PO-H-0086.json
@@ -6,9 +6,9 @@
         "prefix": "",
         "suffix": ""
     },
-    "severity": "MEDIUM",
+    "severity": "HIGH",
     "description": "Default Namespace Should Not be Used",
-    "reference_id": "AC-K8-OE-PO-M-0166",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PO-H-0086",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PO-L-0134.json → ...8s/kubernetes_pod/AC-K8-SP-PO-L-0068.json b/...8s/kubernetes_pod/AC-K8-OE-PO-L-0134.json → ...8s/kubernetes_pod/AC-K8-SP-PO-L-0068.json
@@ -8,7 +8,7 @@
     },
     "severity": "LOW",
     "description": "No tag or container image with :Latest tag makes difficult to rollback and track",
-    "reference_id": "AC-K8-OE-PO-L-0134",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PO-L-0068",
+    "category": "Security Best Practices",
     "version": 1
 }
diff --git a/...8s/kubernetes_pod/AC-K8-OE-PO-L-0129.json → ...8s/kubernetes_pod/AC-K8-SP-PO-L-0070.json b/...8s/kubernetes_pod/AC-K8-OE-PO-L-0129.json → ...8s/kubernetes_pod/AC-K8-SP-PO-L-0070.json
@@ -10,7 +10,7 @@
     },
     "severity": "LOW",
     "description": "No liveness probe will ensure there is no recovery in case of unexpected errors",
-    "reference_id": "AC-K8-OE-PO-L-0129",
-    "category": "Operational Efficiency",
+    "reference_id": "AC-K8-SP-PO-L-0070",
+    "category": "Security Best Practices",
     "version": 1
 }