Policies allow you to detect and prevent undesired state. This page provides a curated list of policies and micro-policies that UpGuard Engineers and Users have accumulated.

Importing Policies

For more information on importing these policies into your account, please view out guide on Importing a Policy.

Policy Library

AWS IAM Password and Permissions

This policy confirms:
  • certain recommended password policy settings,
  • that no issued user access keys have been left unused for more than 6 months,
  • that users have MFA enabled and that they only have 1 MFA device configured, and
  • that users have no inline or managed policies assigned to them (as RBAC is recommended).
Node Type: AWS IAM Account
Download Link: AWS IAM Best Practice

BlueKeep (CVE-2019-0708) check

Checks that the node is not vulnerable to the BlueKeep vuln.
Node Type: Windows
Download Link: BlueKeep Check

GitHub Users MFA Check

This policy confirms that all users in your GitHub account have MFA enabled.
Node Type: GitHub Organization
Download Link: GitHub User MFA Check

GitHub Repository is Private

This policy checks that your GitHub Repo is private and not public.
Node Type: GitHub Repository
Download Link: GitHub Repo Private

PCI Section 3.2 - Windows Audit Check

Checks to validate password complexity and server hardening requirements for PCI compliance
Node Type: Windows
Download Link: PCI 3.2 - Audit Check Windows

PCI Section 3.2 - MS-SQL Windows

Checks to validate password complexity and server hardening requirements for PCI compliance
Node Type: MS-SQL
Download Link: PCI 3.2 - MS-SQL Windows

PCI Section 3.2 - Password Complexity RHEL7

Checks to validate password complexity and server hardening requirements for PCI compliance
Node Type: RHEL7
Download Link: PCI 3.2 - Password Check RHEL7

PCI Section 3.2 - Password Complexity Windows

Checks to validate password complexity and server hardening requirements for PCI compliance
Node Type: Windows
Download Link: PCI 3.2 - Password Check Windows

PCI Section 3.2 - Server Hardening Windows

Checks to validate password complexity and server hardening requirements for PCI compliance
Node Type: Windows
Download Link: PCI 3.2 - Server Hardening Windows

Website CyberRisk checks

This policy provides a basic set of checks your internal and external websites should adhere to and is inspired by the checks we use in UpGuard CyberRisk
Node Type: Website
Download Link: CyberRisk
Tags: policies