Rule: Ensure credentials unused for 180 days are disabled

This rule ensures disabling credentials unused for 180 days or more to enhance security measures.

Rule	Ensure credentials unused for 180 days or greater are disabled
Framework	CloudDefense.AI Security
Severity	✔ Critical

Rule Description:

The rule mandates that any credentials that have been unused for 180 days or longer should be disabled for CloudDefense. This is an important security measure to reduce the risk of unauthorized access to sensitive information and resources within the Cloud Defense platform.

Troubleshooting Steps:

1.
Identify all active credentials within the Cloud Defense platform.

2.
Determine the last time each credential was used.

3.
Compare the last usage date with the current date.

4.
Identify any credentials that have been unused for 180 days or longer.

5.
Disable the identified credentials to prevent potential security risks.

Necessary Codes:

There are no specific codes required for this rule. However, implementing a script or automation tool can help to identify and disable the unused credentials efficiently.

Step-by-step Guide for Remediation:

1.

Login to the Cloud Defense platform using your administrator credentials.

2.

Navigate to the "Credentials Management" section or similar in the Cloud Defense platform. This may vary depending on the platform or service provider.

3.

Obtain a list of all active credentials within the Cloud Defense platform.

4.
For each credential in the list, perform the following steps:

Step 4.1: Determine the last time the credential was used.
- Check the logs or usage history of the credential.
- Note down the last usage date.
Step 4.2: Compare the last usage date with the current date.
- Calculate the number of days between the last usage date and the current date.
Step 4.3: Identify credentials that have been unused for 180 days or longer.
- If the number of days calculated in Step 4.2 is 180 or greater, mark the credential as eligible for disabling.
Step 4.4: Disable the identified credentials.
- Use the appropriate command in the Cloud Defense platform to disable the credential.
- This command may vary depending on the platform or service provider.

5.

Repeat Steps 4.1 to 4.4 for all credentials in the list.

6.

Verify that the identified credentials have been successfully disabled.

7.

Document the disabled credentials and the actions taken for future reference.

By following the above steps, you can ensure that any credentials that have been unused for 180 days or longer are disabled in the Cloud Defense platform, thereby reducing the risk of unauthorized access and enhancing the overall security posture.

Rule: Ensure credentials unused for 180 days are disabled

.css-rso7cu{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#01130E;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step 4.1: Determine the last time the credential was used.

Step 4.2: Compare the last usage date with the current date.

Step 4.3: Identify credentials that have been unused for 180 days or longer.

Step 4.4: Disable the identified credentials.

Is your System Free of Underlying Vulnerabilities? Find Out Now

Step 4.1: Determine the last time the credential was used.

Is your System Free of Underlying Vulnerabilities?
Find Out Now