GCP CIS Benchmark Security Rules

openraven / magpie

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

Apache License 2.0

168 stars 25 forks source link

GCP CIS Benchmark Security Rules #205

Closed curphey closed 2 years ago

curphey commented 3 years ago

Develop the security rules for GCP. This work has already been started.

https://github.com/openraven/cspm-kb/blob/main/policies/cis_gcp_foundations_benchmark.yaml

https://www.cisecurity.org/blog/new-cis-benchmark-for-google-cloud-computing-platform/

belosh59 commented 3 years ago

Intermediate testing for GCP rule 3.6

Ensure that there is no rule matching the below criteria:
 SOURCE_RANGES is 0.0.0.0/0
 AND DIRECTION is INGRESS
 AND IPProtocol is tcp or ALL
 AND PORTS is set to 22 or range containing 22 or Null (not set)