{
"metrics": [
{
"id": "ActivityLoggingEnabled",
"name": "ActivityLoggingEnabled",
"description": "This metric is used to assess if activity logs are enabled for the cloud service/asset.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "AnomalyDetectionEnabled",
"name": "AnomalyDetectionEnabled",
"description": "This metric is used to assess if Anomaly Detection is enabled for the cloud service/asset",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "ApplicationLoggingEnabled",
"name": "ApplicationLoggingEnabled",
"description": "This metric is used to assess if Application logs are enabled for the cloud service/asset.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "AutomaticUpdatesEnabled",
"name": "AutomaticUpdatesEnabled",
"description": "This metric is used to assess if automatic updates are enabled for the cloud service/asset",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "AutomaticUpdatesInterval",
"name": "AutomaticUpdatesInterval",
"description": "This metric is used to assess the update interval of automatic updates for the cloud service/asset",
"category": "Operational Security",
"scale": "METRIC",
"range": {
"minMax": {
"min": "1",
"max": "365"
}
}
},
{
"id": "BackupEnabled",
"name": "BackupEnabled",
"description": "This metric is used to assess if backups are enabled for a cloud service/asset",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "BackupRetentionSet",
"name": "BackupRetentionSet",
"description": "This metric is used to assess the configured backup retention (days) on a cloud service/asset",
"category": "Operational Security",
"scale": "METRIC",
"range": {
"minMax": {
"min": "0",
"max": "99999999"
}
}
},
{
"id": "BootLoggingEnabled",
"name": "BootLoggingEnabled",
"description": "This metric is used to assess if Boot logs are enabled for the cloud service/asset.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "BootLoggingRetention",
"name": "BootLoggingRetention",
"description": "This metric is used to assess the configured log retention (days) on a cloud service/asset",
"category": "Operational Security",
"scale": "METRIC",
"range": {
"minMax": {
"min": "0",
"max": "99"
}
}
},
{
"id": "JavaVersion",
"name": "JavaVersion",
"description": "This metric is used to assess the Java Runtime version used by the cloud service/asset",
"category": "Operational Security",
"scale": "NOMINAL",
"range": {
"order": {
"values": [
"< 11",
"11"
]
}
}
},
{
"id": "L3FirewallEnabled",
"name": "L3FirewallEnabled",
"description": "This metric is used to assess if a service-level ACL has been enabled on a cloud service/asset",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "MalwareProtectionEnabled",
"name": "MalwareProtectionEnabled",
"description": "This metric is used to assess if the antimalware solution is enabled on the respective resource.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "MalwareProtectionOutput",
"name": "MalwareProtectionOutput",
"description": "This metric states whether automatic notifications are enabled (e.g. e-mail) about malware threats. This relates to EUCS’ definition of “continuous monitoringâ€.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "NumberOfThreatsFound",
"name": "NumberOfThreatsFound",
"description": "This metric is used to assess if the antimalware solution reports no irregularities.",
"category": "Operational Security",
"scale": "METRIC",
"range": {
"minMax": {
"min": "0",
"max": "99999999"
}
}
},
{
"id": "OSLoggingEnabled",
"name": "OSLoggingEnabled",
"description": "This metric is used to assess if OS logs are enabled for the cloud service/asset.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "OSLoggingRetention",
"name": "OSLoggingRetention",
"description": "This metric is used to assess the configured log retention (days) on a cloud service/asset",
"category": "Operational Security",
"scale": "METRIC",
"range": {
"minMax": {
"min": "0",
"max": "99"
}
}
},
{
"id": "PHPVersion",
"name": "PHPVersion",
"description": "This metric is used to assess the PHP version used by the cloud service/asset",
"category": "Operational Security",
"scale": "NOMINAL",
"range": {
"order": {
"values": [
"< 7.4",
"7.4"
]
}
}
},
{
"id": "PythonVersion",
"name": "PythonVersion",
"description": "This metric is used to assess the Python version used by the cloud service/asset",
"category": "Operational Security",
"scale": "NOMINAL",
"range": {
"order": {
"values": [
"< 3.8",
"3.8"
]
}
}
},
{
"id": "TLSVersion",
"name": "TLSVersion",
"description": "This metric is used to assess if state-of-the-art encryption protocols are used for traffic served from public networks.",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
"1.0",
"1.1",
"1.2",
"1.3"
]
}
}
},
{
"id": "TransportEncryptionEnabled",
"name": "TransportEncryptionEnabled",
"description": "This metric is used to assess if the cloud service/asset accepts encrypted connections",
"category": "Cryptography and key management",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "TransportEncryptionEnforced",
"name": "TransportEncryptionEnforced",
"description": "This metric is used to assess if the cloud service/asset enforces encrypted connections ",
"category": "Cryptography and key management",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
},
{
"id": "WebApplicationFirewallEnabled",
"name": "WebApplicationFirewallEnabled",
"description": "This metric is used to assess if a cloud service/asset has enabled WAF functionalities",
"category": "Operational Security",
"scale": "ORDINAL",
"range": {
"order": {
"values": [
false,
true
]
}
}
}
],
"nextPageToken": ""
}