Missing service and waf fields

Azure · Oct 21, 2024 · 288540e · 288540e
1 parent bdd8dff
commit 288540e
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/checklists/datasecurity_checklist.en.json b/checklists/datasecurity_checklist.en.json
@@ -153,6 +153,8 @@
         {
             "category": "",
             "subcategory": "",
+            "service": "Azure Data Factory",
+            "waf": "Security",
             "text": "Use Azure Key Vault secrets in pipeline activities",
             "description": "You can store credentials or secret values in an Azure Key Vault and use them during pipeline execution to pass to your activities.",
             "guid": "a3aec2c4-e243-46b0-936d-b55e17960eee",
@@ -199,6 +201,7 @@
             "subcategory": "",
             "text": "Disable access over public internet and configure either firewall rules or trusted services rules",
             "service": "Azure Data Factory",
+            "waf": "Security",
             "guid": "4e4f1854-287d-45cd-a126-cc032af5b1fc",
             "id": "F01.01",
             "severity": "Medium"
@@ -242,6 +245,8 @@
             "text": "Configure Private Links to connect to sources in customer Vnet and data factory",
             "description": "By using Azure Private Link, you can connect to various platform as a service (PaaS) deployments in Azure via a private endpoint. A private endpoint is a private IP address within a specific virtual network and subnet",
             "guid": "b47a393a-0804-4272-a479-8b1578b219a4",
+            "service": "Azure Data Factory",
+            "waf": "Security",
             "id": "G01.01",
             "severity": "Medium",
             "link": "https://learn.microsoft.com/azure/data-factory/data-factory-private-link"
@@ -297,6 +302,7 @@
             "text": "Use Azure Key Vault secrets in pipeline activities",
             "description": "You can store credentials or secret values in an Azure Key Vault and use them during pipeline execution to pass to your activities.",
             "service": "Azure Data Factory",
+            "waf": "Security",
             "guid": "6f4a1652-bddd-4ea8-a487-cdec4861bc3b",
             "id": "H01.05",
             "severity": "Medium",
@@ -308,6 +314,7 @@
             "text": "Encrypt credentials for on-premises using SHIR data stores in Azure Data Factory",
             "description": "You can encrypt and store credentials for any of your on-premises data stores (linked services with sensitive information) on a machine with self-hosted integration runtime.",
             "service": "Azure Data Factory",
+            "waf": "Security",
             "guid": "c14aeb7e-66e8-4d9a-9bec-218e6436b173",
             "id": "H01.06",
             "severity": "Medium",
@@ -635,6 +642,8 @@
             "text": "Restrict workspace admins",
             "description": "Account admins can configure a workspace setting called RestrictWorkspaceAdmins to restrict workspace admins to only change a job owner to themselves and the job run as setting to a service principal that they have the Service Principal User role on.",
             "guid": "6b57dfc6-5546-41e1-a3e3-453a3c863964",
+            "waf": "Security",
+            "service": "Azure Databricks",
             "id": "P01.01",
             "severity": "High",
             "link": "https://learn.microsoft.com/azure/databricks/admin/workspace-settings/restrict-workspace-admins"
@@ -653,6 +662,7 @@
         {
             "category": "",
             "subcategory": "",
+            "waf": "Security",
             "text": "Regenerate/rotate keys if using them periodically",
             "guid": "42b16c21-d799-49a6-96f4-389a8f42c78e",
             "id": "R01.01",
@@ -806,4 +816,4 @@
         "waf": "Security",
         "timestamp": "October 21, 2024"
     }
-}
+}