Policies allow you to detect and prevent undesired state. This page provides a curated list of policies and micro-policies that UpGuard Engineers and Users have accumulated.

Importing Policies

For more information on importing these policies into your account, please view our guide on Importing a Policy.

Policy Library

AWS IAM Password and Permissions

This policy confirms:
  • certain recommended password policy settings,
  • that no issued user access keys have been left unused for more than 6 months,
  • that users have MFA enabled and that they only have 1 MFA device configured, and
  • that users have no inline or managed policies assigned to them (as RBAC is recommended).
Node Type: AWS IAM Account
Download Link: AWS IAM Best Practice

BlueKeep (CVE-2019-0708) check

Checks that the node is not vulnerable to the BlueKeep vulnerability.
Node Type: Windows
Download Link: BlueKeep Check

GitHub User Identity Check

This policy confirms that all users in your GitHub account have the full name attribute set in their user profiles, so that you can audit who did what, and when, against a real person's identity.
Node Type: GitHub Organization
Download Link: GitHub User Identity Check

GitHub Users MFA Check

This policy confirms that all users in your GitHub account have MFA enabled.
Node Type: GitHub Organization
Download Link: GitHub User MFA Check

GitHub Repository is not Forked

This policy checks that your GitHub Repo has not been forked and is not a fork itself.
Node Type: GitHub Repository
Download Link: GitHub Repo is not Forked

GitHub Repository is Private

This policy checks that your GitHub Repo is private and not public.
Node Type: GitHub Repository
Download Link: GitHub Repo Private

PCI Section 3.2 - Windows Audit Check

Checks to validate password complexity and server hardening requirements for PCI compliance.
Node Type: Windows
Download Link: PCI 3.2 - Audit Check Windows

PCI Section 3.2 - MS-SQL Windows

Checks to validate password complexity and server hardening requirements for PCI compliance.
Node Type: MS-SQL
Download Link: PCI 3.2 - MS-SQL Windows

PCI Section 3.2 - Password Complexity RHEL7

Checks to validate password complexity and server hardening requirements for PCI compliance.
Node Type: RHEL7
Download Link: PCI 3.2 - Password Check RHEL7

PCI Section 3.2 - Password Complexity Windows

Checks to validate password complexity and server hardening requirements for PCI compliance.
Node Type: Windows
Download Link: PCI 3.2 - Password Check Windows

PCI Section 3.2 - Server Hardening Windows

Checks to validate password complexity and server hardening requirements for PCI compliance.
Node Type: Windows
Download Link: PCI 3.2 - Server Hardening Windows

Website CyberRisk checks

This policy provides a basic set of checks that your internal and external websites should adhere to. It is inspired by the checks we use in UpGuard CyberRisk.
Node Type: Website
Download Link: CyberRisk