@@ -209,6 +209,14 @@ controls:
209209 - sudo_remove_nopasswd
210210 status : automated
211211
212+ - id : AZLX-23-002610
213+ levels :
214+ - medium
215+ title : Amazon Linux 2023 must implement nonexecutable data to protect its memory from unauthorized code execution.
216+ rules :
217+ - bios_enable_execution_restrictions
218+ status : automated
219+
212220 - id : AZLX-23-001025
213221 levels :
214222 - medium
@@ -528,20 +536,23 @@ controls:
528536 package.
529537 rules : []
530538 status : pending
539+
531540 - id : AZLX-23-001265
532541 levels :
533542 - medium
534543 title : Amazon Linux 2023 must implement DOD-approved TLS encryption in the
535544 OpenSSL package.
536545 rules : []
537546 status : pending
547+
538548 - id : AZLX-23-001270
539549 levels :
540550 - medium
541551 title : Amazon Linux 2023 must implement a FIPS 140-2/140-3 compliant
542552 systemwide cryptographic policy.
543553 rules : []
544554 status : pending
555+
545556 - id : AZLX-23-001275
546557 levels :
547558 - medium
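Review bot: The only changes in this hunk (and the two hunks that follow) are blank separator lines between controls; mixing whitespace-only edits into a commit that also changes rule mappings and statuses makes the functional part harder to review. Consider splitting the formatting into its own commit, or at least mention it in the commit message.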
@@ -552,6 +563,7 @@ controls:
552563 - harden_sshd_ciphers_opensshserver_conf_crypto_policy
553564 - sshd_approved_ciphers=stig_rhel9
554565 status : automated
566+
555567 - id : AZLX-23-001280
556568 levels :
557569 - high
@@ -569,6 +581,7 @@ controls:
569581 title : Amazon Linux 2023 crypto policy must not be overridden.
570582 rules : []
571583 status : pending
584+
572585 - id : AZLX-23-001290
573586 levels :
574587 - medium
@@ -613,8 +626,10 @@ controls:
613626 title : Amazon Linux 2023, for PKI-based authentication, must validate
614627 certificates by constructing a certification path (which includes status
615628 information) to an accepted trust anchor.
616- rules : []
629+ rules :
630+ - sssd_has_trust_anchor
617631 status : pending
632+
618633 - id : AZLX-23-001315
619634 levels :
620635 - medium
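Review bot: `sssd_has_trust_anchor` is now mapped to AZLX-23-001310 but `status` stays `pending` at line 631, while the rsyslog hunk further down flips its status to `automated` when a rule is added. Pick one convention: either mark this control `automated` as well, or leave a short comment explaining why the mapping is considered incomplete (for example, if the rule covers only the trust-anchor presence and not the certification-path validation the title asks for).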
@@ -748,8 +763,10 @@ controls:
748763 - medium
749764 title : Amazon Linux 2023 must be configured to off-load audit records onto a
750765 different system from the system being audited via syslog.
751- rules : []
752- status : pending
766+ rules :
767+ - rsyslog_remote_loghost
768+ status : automated
769+
753770 - id : AZLX-23-002065
754771 levels :
755772 - medium
@@ -804,7 +821,8 @@ controls:
804821 title : Amazon Linux 2023 must generate audit records for all account
805822 creations, modifications, disabling, and termination events that affect
806823 /etc/sudoers.d/ directory.
807- rules : []
824+ rules :
825+ - audit_rules_sudoers_d
808826 status : pending
809827 - id : AZLX-23-002095
810828 levels :
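Review bot: Two small inconsistencies with the sibling hunks: `status` remains `pending` at line 826 even though `audit_rules_sudoers_d` is now mapped, and this is the only control in the diff that did not receive the blank separator line before the next `- id :` entry (line 826 runs straight into AZLX-23-002095 at line 827).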
@@ -1017,8 +1035,10 @@ controls:
10171035 title : Amazon Linux 2023 must generate audit records for all account
10181036 creations, modifications, disabling, and termination events that affect
10191037 /etc/passwd.
1020- rules : []
1038+ rules :
1039+ - audit_rules_usergroup_modification_shadow
10211040 status : pending
1041+
10221042 - id : AZLX-23-002210
10231043 levels :
10241044 - medium
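Review bot: The rule name at line 1039, `audit_rules_usergroup_modification_shadow`, refers to /etc/shadow, but the control title (lines 1035 to 1037) is about events that affect /etc/passwd. This looks like the wrong member of the `audit_rules_usergroup_modification_*` family; the passwd-specific rule (`audit_rules_usergroup_modification_passwd`) is the one that matches the title. Also, `status` is still `pending` after the rule was added.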
@@ -1034,8 +1054,10 @@ controls:
10341054 title : Amazon Linux 2023 must alert the information system security officer
10351055 (ISSO) and system administrator (SA), at a minimum, in the event of an audit
10361056 processing failure.
1037- rules : []
1057+ rules :
1058+ - auditd_data_retention_action_mail_acct
10381059 status : pending
1060+
10391061 - id : AZLX-23-002220
10401062 levels :
10411063 - medium
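Review bot: `auditd_data_retention_action_mail_acct` only configures who auditd emails; the control title (lines 1054 to 1056) asks for the ISSO and SA to be alerted on any audit processing failure. If the mapping is intentionally partial, leaving `status: pending` at line 1059 is reasonable but deserves an inline comment saying so; otherwise the status should be updated together with the rule, as was done for AZLX-23-002060.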
@@ -1051,23 +1073,29 @@ controls:
10511073 - medium
10521074 title : Amazon Linux 2023 audit logs must be group-owned by root or by a
10531075 restricted logging group to prevent unauthorized read access.
1054- rules : []
1076+ rules :
1077+ - file_group_ownership_var_log_audit
10551078 status : pending
1079+
10561080 - id : AZLX-23-002230
10571081 levels :
10581082 - medium
10591083 title :
10601084 Amazon Linux 2023 audit log directory must be owned by root to prevent
10611085 unauthorized read access.
1062- rules : []
1086+ rules :
1087+ - file_ownership_var_log_audit_stig
10631088 status : pending
1089+
10641090 - id : AZLX-23-002235
10651091 levels :
10661092 - medium
10671093 title : Amazon Linux 2023 audit logs file must have mode "0600" or less
10681094 permissive to prevent unauthorized access to the audit log.
1069- rules : []
1095+ rules :
1096+ - file_permissions_var_log_audit
10701097 status : pending
1098+
10711099 - id : AZLX-23-002240
10721100 levels :
10731101 - medium
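Review bot: Of the three audit-log controls in this hunk, only AZLX-23-002230 uses a `_stig`-suffixed rule (`file_ownership_var_log_audit_stig`, line 1087) while the group-ownership and permissions controls use the plain variants (lines 1077 and 1096). Please confirm the suffix is deliberate (the stig variant is presumably stricter about root-only ownership) and note it, so a later reader does not "normalise" it away. All three also keep `status: pending` despite now having rules mapped.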
@@ -1656,6 +1684,7 @@ controls:
16561684 for the appropriate DOD network.
16571685 rules : []
16581686 status : pending
1687+
16591688 - id : AZLX-23-002565
16601689 levels :
16611690 - medium
@@ -1740,13 +1769,7 @@ controls:
17401769 configured on impacted network interfaces.
17411770 rules : []
17421771 status : pending
1743- - id : AZLX-23-002610
1744- levels :
1745- - medium
1746- title : Amazon Linux 2023 must implement nonexecutable data to protect its
1747- memory from unauthorized code execution.
1748- rules : []
1749- status : pending
1772+
17501773 - id : AZLX-23-002615
17511774 levels :
17521775 - low
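Review bot: This hunk deletes AZLX-23-002610 from its ordered position next to AZLX-23-002615 so it can be re-added near the top of the file; combined with the first hunk this is a move plus a content change, which a diff reviewer cannot easily verify as text-identical (the title was also reflowed from two lines to one). Updating the `rules` and `status` fields of the existing block here would express the same change in a two-line hunk.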