adding azure gcp oracle github
matthewdfuller committed Oct 14, 2019
1 parent 9ea6604 commit 9e6ef32
Showing 223 changed files with 3,617 additions and 113 deletions.
222 changes: 216 additions & 6 deletions README.md

Large diffs are not rendered by default.

18 changes: 18 additions & 0 deletions en/azure/activedirectory/minimum-password-length.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / Active Directory / Minimum Password Length

## Quick Info

| | |
|-|-|
| **Plugin Title** | Minimum Password Length |
| **Cloud** | AZURE |
| **Category** | Active Directory |
| **Description** | Ensures that all Azure passwords require a minimum length |
| **More Info** | Azure handles most password policy settings, including the minimum password length, defaulted to 8 characters. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts |
| **Recommended Action** | No action necessary. Azure handles password requirement settings. |

## Detailed Remediation Steps
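
Review bot: The **Recommended Action** row says "No action necessary", but the **AZURE Link** anchor (`#password-policies-that-only-apply-to-cloud-user-accounts`) scopes these settings to cloud user accounts only. State that scope in **More Info** so a passing result is not read as covering every account, and either fill in or drop the "Detailed Remediation Steps" heading, which the file ends on with nothing under it.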

18 changes: 18 additions & 0 deletions en/azure/activedirectory/password-requires-lowercase.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / Active Directory / Password Requires Lowercase

## Quick Info

| | |
|-|-|
| **Plugin Title** | Password Requires Lowercase |
| **Cloud** | AZURE |
| **Category** | Active Directory |
| **Description** | Ensures that all Azure passwords require lowercase characters |
| **More Info** | Azure handles most password policy settings, including which character types are required. Azure requires 3 out of 4 of the following character types: lowercase, uppercase, special characters, and numbers. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts |
| **Recommended Action** | No action necessary. Azure handles password requirement settings. |

## Detailed Remediation Steps
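
Review bot: The **Description** row claims the check "Ensures that all Azure passwords require lowercase characters", while **More Info** says Azure requires only 3 out of 4 character types, so a password with no lowercase letter can still satisfy the policy. Reword the description to match what is actually guaranteed, for example "Ensures that Azure passwords must contain at least 3 of 4 character types". The numbers, symbols and uppercase files added in this commit carry the same mismatch.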

18 changes: 18 additions & 0 deletions en/azure/activedirectory/password-requires-numbers.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / Active Directory / Password Requires Numbers

## Quick Info

| | |
|-|-|
| **Plugin Title** | Password Requires Numbers |
| **Cloud** | AZURE |
| **Category** | Active Directory |
| **Description** | Ensures that all Azure passwords require numbers |
| **More Info** | Azure handles most password policy settings, including which character types are required. Azure requires 3 out of 4 of the following character types: lowercase, uppercase, special characters, and numbers. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts |
| **Recommended Action** | No action necessary. Azure handles password requirement settings. |

## Detailed Remediation Steps

18 changes: 18 additions & 0 deletions en/azure/activedirectory/password-requires-symbols.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / Active Directory / Password Requires Symbols

## Quick Info

| | |
|-|-|
| **Plugin Title** | Password Requires Symbols |
| **Cloud** | AZURE |
| **Category** | Active Directory |
| **Description** | Ensures that all Azure passwords require symbol characters |
| **More Info** | Azure handles most password policy settings, including which character types are required. Azure requires 3 out of 4 of the following character types: lowercase, uppercase, special characters, and numbers. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts |
| **Recommended Action** | No action necessary. Azure handles password requirement settings. |

## Detailed Remediation Steps
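
Review bot: Terminology is inconsistent in this file: the title and **Description** say "symbols" and "symbol characters", while **More Info** says "special characters". Pick one term so readers can match the plugin name to the policy wording.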

18 changes: 18 additions & 0 deletions en/azure/activedirectory/password-requires-uppercase.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / Active Directory / Password Requires Uppercase

## Quick Info

| | |
|-|-|
| **Plugin Title** | Password Requires Uppercase |
| **Cloud** | AZURE |
| **Category** | Active Directory |
| **Description** | Ensures that all Azure passwords require uppercase characters |
| **More Info** | Azure handles most password policy settings, including which character types are required. Azure requires 3 out of 4 of the following character types: lowercase, uppercase, special characters, and numbers. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts |
| **Recommended Action** | No action necessary. Azure handles password requirement settings. |

## Detailed Remediation Steps

6 changes: 3 additions & 3 deletions en/azure/appservice/.net-framework-version.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | .NET Framework Version |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensure .NET Framework is up to date for all App Services. |
| **More Info** | Keeping your .NET framework up to date will reduce the security risk vulnerabilities due to missing security patches. |
| **Description** | Ensures the latest version of the .NET Framework is installed for all App Services. |
| **More Info** | Installing the latest version of the .NET framework will reduce the security risk of missing security patches. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/web-sites-configure |
| **Recommended Action** | Update .NET framwork version on all .NET App Services. |
| **Recommended Action** | Select the latest version of the .NET framework for all .NET-based App Services |

## Detailed Remediation Steps
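
Review bot: Casing differs between rows: the new **Description** writes ".NET Framework" while the new **More Info** and **Recommended Action** write ".NET framework". Use ".NET Framework" throughout, and restore the trailing period on **Recommended Action**, which the replaced line had.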

6 changes: 3 additions & 3 deletions en/azure/appservice/authentication-enabled.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Authentication Enabled |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures Authentication is enabled for your App services, redirecting unauthenticated users to the login page. |
| **More Info** | Enabling authentication will redirect all unauthenticated requests to the login page. Also handles authentication of users with specified provider (Azure Active Directory, Facebook, Google, Microsoft Account, and Twitter) |
| **Description** | Ensures Authentication is enabled for App Services, redirecting unauthenticated users to the login page. |
| **More Info** | Enabling authentication will redirect all unauthenticated requests to the login page. It also handles authentication of users with specific providers (Azure Active Directory, Facebook, Google, Microsoft Account, and Twitter). |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization |
| **Recommended Action** | In your App Service go to Authentication / Authorization > Set App Service Authentication to "On" (Enabled) |
| **Recommended Action** | Enable App Service Authentication for all App Services. |

## Detailed Remediation Steps
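
Review bot: The new **Recommended Action** drops the portal path given in the replaced line (Authentication / Authorization > Set App Service Authentication to "On"), and nothing follows the "Detailed Remediation Steps" heading, so the page no longer tells the reader where the setting lives. Move the removed steps under that heading rather than deleting them.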

6 changes: 3 additions & 3 deletions en/azure/appservice/client-certificates-enabled.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Client Certificates Enabled |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures Client Certificates are enabled for your App Service, only allowing clients with valid certificates to reach the app |
| **More Info** | Enabling Client Certificates will block all clients who do not have a valid certificate from accessing the app. |
| **Description** | Ensures Client Certificates are enabled for App Services, only allowing clients with valid certificates to reach the app |
| **More Info** | Enabling Client Certificates will block all clients that do not have a valid certificate from accessing the app. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth#enable-client-certificates |
| **Recommended Action** | In your App Service go to SSL Settings > Incoming client certificates and set it to "On" (Enabled). |
| **Recommended Action** | Enable incoming client certificate SSL setting for all App Services. |

## Detailed Remediation Steps

6 changes: 3 additions & 3 deletions en/azure/appservice/http-2.0-enabled.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | HTTP 2.0 Enabled |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures the latest HTTP version is enabled for the App Service. |
| **More Info** | Enabling HTTP2.0 ensures that the App Service has the latest technology which includes security enhancements and additional functionality. |
| **Description** | Ensures the latest HTTP version is enabled for App Services |
| **More Info** | Enabling HTTP2.0 ensures that the App Service has the latest technology which improves server performance |
| **AZURE Link** | https://azure.microsoft.com/en-us/blog/announcing-http-2-support-in-azure-app-service/ |
| **Recommended Action** | In your App Service go to configuration > go to the General Settings tab > select in "Http Version" version 2.0 |
| **Recommended Action** | Enable HTTP 2.0 support in the general settings for all App Services |

## Detailed Remediation Steps
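
Review bot: The new **More Info** replaces the security rationale with "improves server performance", which leaves no stated security reason for this check. Say why the plugin belongs in a security scan, or mark it as a performance recommendation. Also, "HTTP2.0" in that row should read "HTTP 2.0" to match the title and **Recommended Action**.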

4 changes: 2 additions & 2 deletions en/azure/appservice/https-only-enabled.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | HTTPS Only Enabled |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures HTTPS Only is enabled for your App services, redirecting all HTTP traffic to HTTPS. |
| **Description** | Ensures HTTPS Only is enabled for App Services, redirecting all HTTP traffic to HTTPS |
| **More Info** | Enabling HTTPS Only traffic will redirect all non-secure HTTP requests to HTTPS. HTTPS uses the SSL/TLS protocol to provide a secure connection. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-https |
| **Recommended Action** | In your App Service go to SSL Settings > HTTPS Only and set it to "On" (Enabled). |
| **Recommended Action** | Enable HTTPS Only support SSL settings for all App Services |

## Detailed Remediation Steps
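
Review bot: The new **Recommended Action**, "Enable HTTPS Only support SSL settings for all App Services", does not parse; a preposition appears to be missing. Something like "Enable HTTPS Only in the SSL settings for all App Services." would read correctly and keep the trailing period that **More Info** uses.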

6 changes: 3 additions & 3 deletions en/azure/appservice/identity-enabled.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Identity Enabled |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures a system or user assigned managed identity is enabled to authenticate to App Service without storing credentials in the code. |
| **More Info** | Managing credentials in your code for authenticating to cloud services is a challenge, and maintaining the credentials secure is very important. Ideally, the credentials never appear on developer workstations and aren't checked into source control. The managed identities for Azure resources provides Azure services with an automatically managed identity in Azure AD. You can use the identity to authenticate to any service that supports Azure AD authentication, without having to include any credentials in your code. |
| **Description** | Ensures a system or user assigned managed identity is enabled to authenticate to App Services without storing credentials in the code. |
| **More Info** | Maintaining cloud connection credentials in code is a security risk. Credentials should never appear on developer workstations and should not be checked into source control. Managed identities for Azure resources provides Azure services with a managed identity in Azure AD which can be used to authenticate to any service that supports Azure AD authentication, without having to include any credentials in code. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity |
| **Recommended Action** | In your App Service go to Identity > System assigned and set it to "On" (Enabled) or go to the User assigned tab and add a user assigned managed identity. |
| **Recommended Action** | Enable system or user-assigned identities for all App Services and avoid storing credentials in code. |

## Detailed Remediation Steps
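
Review bot: In the new **More Info**, "Managed identities for Azure resources provides" has a subject-verb mismatch; it should be "provide", unless the feature name is meant as a singular proper noun, in which case quote it. The rewrite also hardens "Ideally, the credentials never appear on developer workstations" into "should never appear"; confirm the stronger wording is intended.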

18 changes: 18 additions & 0 deletions en/azure/appservice/java-version.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / App Service / Java Version

## Quick Info

| | |
|-|-|
| **Plugin Title** | Java Version |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures the latest version of Java is installed for all App Services |
| **More Info** | Installing the latest version of Java will reduce the security risk of missing security patches. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/app-service-web-get-started-java |
| **Recommended Action** | Select the latest version of Java for all Java-based App Services |

## Detailed Remediation Steps

18 changes: 18 additions & 0 deletions en/azure/appservice/php-version.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / App Service / PHP Version

## Quick Info

| | |
|-|-|
| **Plugin Title** | PHP Version |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures the latest version of PHP is installed for all App Services |
| **More Info** | Installing the latest version of PHP will reduce the security risk of missing security patches. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/web-sites-php-configure |
| **Recommended Action** | Select the latest version of PHP for all PHP-based App Services |

## Detailed Remediation Steps

4 changes: 2 additions & 2 deletions en/azure/appservice/python-version.md
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Python Version |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensure the latest version of Python is installed on all App Services. |
| **Description** | Ensures the latest version of Python is installed for all App Services |
| **More Info** | Installing the latest version of Python will reduce the security risk of missing security patches. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/app-service/containers/how-to-configure-python |
| **Recommended Action** | Set python version to the latest version on all your App Services |
| **Recommended Action** | Select the latest version of Python for all Python-based App Services |

## Detailed Remediation Steps

18 changes: 18 additions & 0 deletions en/azure/appservice/tls-version-check.md
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / App Service / TLS Version Check

## Quick Info

| | |
|-|-|
| **Plugin Title** | TLS Version Check |
| **Cloud** | AZURE |
| **Category** | App Service |
| **Description** | Ensures that all web apps are using the latest version of TLS |
| **More Info** | App Services currently allows web apps to use TLS versions 1.0, 1.1 and 1.2. It is highly recommended to use the latest TLS 1.2 version for web app TLS connections. |
| **AZURE Link** | https://azure.microsoft.com/en-in/updates/app-service-and-functions-hosted-apps-can-now-update-tls-versions/ |
| **Recommended Action** | Set the minimum TLS version to 1.2 for all App Services. |

## Detailed Remediation Steps
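
Review bot: **Description** says web apps must use "the latest version of TLS" while **Recommended Action** sets a minimum of 1.2; the two will diverge once a newer version is offered, and "currently allows" in **More Info** will go stale the same way. Describe the check as requiring a minimum TLS version of 1.2 so all three rows agree. The **AZURE Link** also uses the `en-in` locale where the other Azure links shown here use `en-us`.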

Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Resource Location Matches Resource Group |
| **Cloud** | AZURE |
| **Category** | Azure Policy |
| **Description** | Ensures deployed resources match the resource groups they are in, as well as ensuring the Audit resource location matches resource group location policy is assigned. |
| **More Info** | Monitoring changes to resources follows Security and Compliance best practices. Being able to track resource location changes adds a level of accountability. |
| **Description** | Ensures a policy is configured to audit that deployed resource locations match their resource group locations |
| **More Info** | Using Azure Policy to monitor resource location compliance helps ensure that new resources are not launched into locations that do not match their resource group. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/governance/policy/assign-policy-portal |
| **Recommended Action** | 1. Navigate to the Policy service. 2. Select the Assignments blade. 3. Click on Assign Policy. 4. Click to search a Policy definition, search for and select: Audit resource location matches resource group location. 5. Under Parameters, select your Allowed locations. 6. Click on Assign. |
| **Recommended Action** | Enable the built-in Azure Policy definition: Audit resource location matches resource group location |

## Detailed Remediation Steps
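
Review bot: The new **Recommended Action** says to "Enable" the built-in definition, but the steps it replaces describe assigning it ("Click on Assign Policy", then "Click on Assign"). Use "Assign the built-in Azure Policy definition: Audit resource location matches resource group location" so the verb matches the operation, and keep the removed steps under "Detailed Remediation Steps".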

6 changes: 3 additions & 3 deletions en/azure/azurepolicy/resources-allowed-locations.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Resources Allowed Locations |
| **Cloud** | AZURE |
| **Category** | Azure Policy |
| **Description** | Ensures deployed resources and resource groups belong to the list set in the Allowed locations for resource groups policy. |
| **More Info** | Monitoring changes to resources follows Security and Compliance best practices. Being able to track resource location changes adds a level of accountability. |
| **Description** | Ensures deployed resources and resource groups belong to the list set in the allowed locations for resource groups policy |
| **More Info** | Setting allowed locations for a service helps ensure the service can only be deployed in expected locations. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/governance/policy/assign-policy-portal |
| **Recommended Action** | 1. Navigate to the Policy service. 2. Select the Assignments blade. 3. Click on Assign Policy. 4. Click to search a Policy definition, search for and select: Allowed locations for resource groups. 5. Under Parameters, select your Allowed locations. 6. Click on Assign. |
| **Recommended Action** | Ensure that all services contain policy definitions that defined allowed locations. |

## Detailed Remediation Steps
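
Review bot: The new **Recommended Action** has a tense error ("policy definitions that defined allowed locations" should be "define") and speaks of "all services", while **Description** and the replaced steps name one specific policy, Allowed locations for resource groups. Name that policy in the action so the reader knows what to assign.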

6 changes: 3 additions & 3 deletions en/azure/blobservice/blob-container-private-access.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Blob Container Private Access |
| **Cloud** | AZURE |
| **Category** | Blob Service |
| **Description** | Ensure that all blob containers do not have anonymous public access level. |
| **More Info** | Blob containers set with public access, enables anonymous users to read blobs within a publicly accessible container without authenticating the request. Ensure that private access is set to all of blob containers. |
| **Description** | Ensures that all blob containers do not have anonymous public access set |
| **More Info** | Blob containers set with public access enables anonymous users to read blobs within a publicly accessible container without authentication. All blob containers should have private access configured. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction |
| **Recommended Action** | Create blob container with public access level. |
| **Recommended Action** | Ensure each blob container is configured to restrict anonymous access |

## Detailed Remediation Steps
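
Review bot: In the new **More Info**, "Blob containers set with public access enables" should be "enable" to agree with the plural subject. The new **Recommended Action** should also name the setting to change, the container's public access level that the replaced line mentioned, so the reader knows what to restrict.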

6 changes: 3 additions & 3 deletions en/azure/blobservice/blob-service-immutable.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,10 @@
| **Plugin Title** | Blob Service Immutable |
| **Cloud** | AZURE |
| **Category** | Blob Service |
| **Description** | Ensures data immutability is properly configured in blob services to protect critical data against deletion. |
| **More Info** | Immutable storage helps financial institutions and related industries--particularly broker-dealer organizations--to store data securely. It can also be leveraged in any scenario to protect critical data against deletion. |
| **Description** | Ensures data immutability is properly configured for blob services to protect critical data against deletion |
| **More Info** | Immutable storage helps store data securely by protecting critical data against deletion. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage#Getting-started |
| **Recommended Action** | In your Azure storage account, select an existing container, then select access policy under container settings, and the Add Policy under Immutable Blob Storage. |
| **Recommended Action** | Enable a data immutability policy for all storage containers in the Azure storage account. |

## Detailed Remediation Steps
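
Review bot: **Recommended Action** now asks for an immutability policy on "all storage containers", while **Description** limits the goal to protecting "critical data against deletion". Align the two, since a policy on every container is a broader requirement than the description states. The container-level steps from the replaced line would fit under "Detailed Remediation Steps".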

18 changes: 18 additions & 0 deletions en/azure/cdnprofiles/detect-insecure-custom-origin.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / CDN Profiles / Detect Insecure Custom Origin

## Quick Info

| | |
|-|-|
| **Plugin Title** | Detect Insecure Custom Origin |
| **Cloud** | AZURE |
| **Category** | CDN Profiles |
| **Description** | Ensures that HTTPS is enabled for CDN endpoints with a custom origin |
| **More Info** | All Azure CDN endpoints should enable HTTPS to secure traffic to the backend custom origin. |
| **AZURE Link** | https://docs.microsoft.com/en-us/azure/cdn/cdn-create-endpoint-how-to |
| **Recommended Action** | Enable HTTPS and disable HTTP for each custom origin endpoint for each CDN profile. |

## Detailed Remediation Steps
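
Review bot: **Description** only says HTTPS must be enabled, but **Recommended Action** also requires disabling HTTP. State in the description whether an endpoint that allows both protocols fails the check, so the result matches what the reader is told to fix.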
