Closed sbe-arg closed 5 months ago
Thanks for opening this issue. All the S3 buckets created by the WAF solution have encryption configured by default, and objects are automatically encrypted by using server-side encryption with Amazon S3 managed keys (SSE-S3). Could you check if your buckets are created by this solution and haven't been changed on your end? Also what are the details of your s3 buckets and the security findings?
Some of the resources don't follow CIS standards such as S3 encryption.
Will update the issue with the list of resources and CIS failed controls so it can be properly tracked.