Tests
Troubleshooting and Information for Drata Automated Tests
164 articles
Test 121: Logs Monitored for Suspicious Activity
Test: Termination Process and Checklist
Test 143: Sensitive Data Disposal Policy
Test 141: Clean Desk Policy
Test 138: Deleting Customer Data Upon Terminated Contract
Test 136: Data Retention Policy
Test: Backups Checked for Integrity
Test 134: Failed Backups Addressed in Timely Manner
Test 133: Failed Backup Alerts Being Sent
Test 129: Capacity and Usage Monitoring
Test 127: Security Policies Cover Encryption
Test 123: Cloud Infrastructure Linked to Drata
Test 111: Logs are Retained for 365 Days
Test 110: Only Authorized Users can Access Log Sinks
Test 109: Logs are Centrally Stored
Test 108: Storage Data Versioned or Retained
Test 105: Threat Detection in Place
Test 85: Terms of Use Publicly Available
Test 84: Privacy Policy Publicly Available
Test 83: MSAs Offered to Customers
Test 66: Hard-Disk Encryption Enabled on Employee Computers
Test 61: Screensaver Lock Required on Employee Computers
Test 60: Engineering Job Description
Test 59: Job Descriptions
Test 58: New Hire Contracts
Test 50: Contractor Background Checks
Test 47: Employee Background Checks
Test 46: Performance Evaluation Process
Test 43: Security Awareness Training Completed
Test 42: Policies for Security Awareness Training
Test: Policies for a Security Team
Test 7: Only Authorized Employees Change Code
Test 6: Only Authorized Employees Access Version Control
Test 124: Root Infrastructure Account Unused
Test 107: Daily Database Backups
Test 104: Cloud Data Storage Exposure
Test 98: Employees have Unique Infrastructure Accounts
Test 97: Employees have Unique Version Control Accounts
Test 95: Infrastructure Accounts Properly Removed
Test 94: Version Control Accounts Removed Properly
Test 88: MFA on Infrastructure Console
Test 62: Password Manager Required
Test 9: Production Code Changes Restricted
Test 137: Data Classification Policy
Test 130: Load Balancer Used
Test 128: Physical Security Policy
Test 122: Web Application Firewall in Place
Test 119: Firewall Default Disallows Traffic
Test 118: Infrastructure Instance CPU Monitored
Test 117: NoSQL Cluster Storage Utilization Monitored
Test 115: Messaging Queue Message Age Monitored
Test 114: Database Read I/O Monitored
Test 113: Database Free Storage Space Monitored
Test 112: Database CPU Monitored
Test 102: Public SSH Denied
Test 89: Internal Password Policy for Employees
Test 69: Customer Data in Cloud Storage is Encrypted at Rest
Test 68: Customer Data is Encrypted at Rest
Test 67: Cryptography Policy
Test 65: Security Patches Auto-Applied
Test 64: Malware Detection Software Installed
Test: Employees Acknowledge the Data Protection Policy
Test 56: Data Protection Policy
Test 55: Employees Acknowledge the Code of Conduct
Test 54: Formal Code of Conduct
Test 51: Independent Board of Directors
Test 49: Contractors Acknowledge the Acceptable Use Policy
Test 48: Contractors Acknowledge the Code of Conduct
Test 45: Employees Acknowledge the Acceptable Use Policy
Test 44: Acceptable Use Policy
Test 39: Security Policies are Reviewed
Test: Policies are Acknowledge
Test: Has Security Policies
Test 36: Has a SDLC Policy
Test: IRP Includes Lessons Learned
Test: IRP Designates Responsible Team Members
Test 33: Incident Response Plan (IRP)
Test 32: Policies for Tracking Security Items
Test 30: Availability Zones Used
Test 28: Disaster Recovery Plan
Test 27: SLA for Security Bugs
Test 26: Security Issues are Prioritized
Test 21: Vulnerability Scanning
Test 18: Risk Assessment Policy
Test 17: Maintains Organization Chart
Test 16: Information Security Policy
Test 13: System Access Control Policy
Test: Process for Responsible Disclosure
Test 11: Contact Information Available to Customers
Test 8: Formal Code Review Process
Test 5: A Version Control System is being Used
Test 3: Least Privilege Policy for Customer Data Access
Test 4: SSL/TLS on Admin Page of Infrastructure Console
Test 2: Policies Cover Employee Confidentiality
Test 1: Policies Cover Employee Access
Test 106: Has a Backup Policy
Test 96: Employees have Unique Email Accounts
Test 87: MFA on Version Control System
Test 86: MFA on Identity Provider
Test 72: SSL/TLS Certificate has Not Expired
Test 71: SSL/TLS Configuration has No Known Issues
Test 70: SSL/TLS Enforced on Company Website
Test 63: Password Manager Records on Employee Computers
Test 209: External Exposure of Cloud Resources
Test 208: Excessive Privileges Assigned
Test 210: Encryption in Transit
Test 229: AWS IAM Unused Credentials
Test 232: AWS IAM Access Key Rotation
Test 217: AWS IAM Group-Based Access Control
Test 230: AWS IAM Principle of Least Privilege
Test 214: MFA for AWS Root Account
Test 225: Hardware MFA for AWS Root Account
Test 215: AWS IAM Password Minimum Length
Test 216: AWS IAM Password Reuse
Test 221: AWS S3 Bucket Access Logging
Test 222: AWS CloudTrail Logs Encrypted
Test 223: AWS CMK Rotation
Test 224: AWS VPC Flow Logging
Test 227: AWS Network ACLs Public Remote Server Administration Access Restricted
Test 228: AWS Security Groups Restrict Public RDP Access
Test 233: AWS VPC Default Security Groups Restrict All Traffic
Test 234: AWS S3 HTTP Requests Denied
Test 218: AWS EBS Volume Encryption
Test 219: AWS RDS Auto Minor Version Upgrade
Test 220: AWS RDS Public Access Restricted
Test 231: AWS EFS Encrypted at Rest
Test 226: AWS S3 Object-Level Logging for Read & Write Events
Test 290: AWS Database Writes I/O Monitored
Test 291: AWS Security Groups HTTP Access Restricted
Test 292: AWS EC2 Instances IMDSv1 Disabled
Test 293: AWS Classic Load Balancer Latency Monitored
Test 294: AWS Application Load Balancer Target Response Time Monitored
Test 295: AWS Classic Load Balancer Server Errors Monitored
Test 296: AWS Application Load Balancer Server Errors Monitored
Test 297: AWS Classic Load Balancer Unhealthy Hosts Monitored
Test 298: AWS Application Load Balancer Unhealthy Hosts Monitored
Test 299: AWS Application Load Balancer Redirects HTTP to HTTPS
Test 300: AWS Lambda Error Rate Monitored
Test: Critical Vulnerabilities Addressed
Test: High Vulnerabilities Addressed
Test 206: SQL Freeable Memory Monitored
Test 205: CloudTrail log file integrity validation enabled
Test 301: AWS DynamoDB Point-in-Time Recovery Enabled
Test 132: Daily backup job status monitored
October 2024 Release: AWS Drata test
Test 243: Azure Log Alert for Create Policy Assignment
Test 244: Azure Log Alert for Delete Public IP Address
Test 245: Azure Log Alert for Delete Policy Assignment
Test 246: Azure Log Alert for Create or Update Network Security Group
Test 247: Azure Log Alert for Delete Network Security Group
Test 248: Azure Log Alert for Create or Update Security Solution
Test 249: Azure Log Alert for Delete Security Solution
Test 252: Azure Log Alert for Create or Update Public IP Address rule
Test 253: Azure Storage Accounts Accessed Via Private Endpoints
Test 263: Azure Storage Accounts Secure TLS Configuration
Test 268: Azure Network Security Group SSH Public Access Restricted
Test 269: Azure App Service Web App Redirects HTTP Traffic to HTTPS
Test 256: Azure SQL Servers Auditing
Test 310: Audit Logs Enabled for EKS Clusters
Test 257: Azure PostgreSQL Database Server Log Checkpoints
Test 116: NoSQL Cluster CPU Load Monitored
Test 131: Autoscale Server Instances
February 2025 Release: AWS and Azure Drata Tests
Monitoring: Manage Individual Test Details