Loading controls...
Benchmark: 3.13.15 Protect the authenticity of communications sessions
Description
Authenticity protection includes protecting against man-in-the-middle attacks, session hijacking, and the insertion of false information into communications sessions. This requirement addresses communications protection at the session versus packet level (e.g., sessions in service-oriented architectures providing web-based services) and establishes grounds for confidence at both ends of communications sessions in ongoing identities of other parties and in the validity of information transmitted.
Usage
Browse dashboards and select 3.13.15 Protect the authenticity of communications sessions:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.nist_800_171_rev_2_3_13_15Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.nist_800_171_rev_2_3_13_15Controls
- ELB application load balancers should be drop HTTP headers
- ELB application load balancers should redirect HTTP requests to HTTPS
- ELB application and network load balancers should only use SSL or HTTPS listeners
- ELB classic load balancers should use SSL certificates
- ELB classic load balancers should only use SSL or HTTPS listeners