Item Search

NameAudit NamePluginCategory
1.12 Ensure host-based intrusion detection tool is usedCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

SYSTEM AND INFORMATION INTEGRITY

1.12 Ensure host-based intrusion detection tool is used - mcafeetp packageCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

SYSTEM AND INFORMATION INTEGRITY

1.12 Ensure host-based intrusion detection tool is used - mfetpd processCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

SYSTEM AND INFORMATION INTEGRITY

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Linux v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Windows v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 12c Windows v3.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 12c Linux v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4 Ensure 'LOCAL_LISTENER' Is Set AppropriatelyCIS Oracle Server 11g R2 DB v2.2.0OracleDB
4.2.3 Enable Outbreak Prevention DatabaseCIS Fortigate 7.0.x v1.3.0 L2FortiGate

SYSTEM AND INFORMATION INTEGRITY

4.2.4 Enable AI /heuristic based malware detectionCIS Fortigate 7.0.x v1.3.0 L2FortiGate

SYSTEM AND INFORMATION INTEGRITY

4.2.6 Ensure inline scanning with FortiGuard AI-Based Sandbox Service is enabledCIS Fortigate 7.0.x v1.3.0 L1FortiGate

SYSTEM AND INFORMATION INTEGRITY

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.10 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.10 Ensure XProtect Is Running and UpdatedCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

CASA-FW-000150 - The Cisco ASA must be configured to enable threat detection to mitigate risks of denial-of-service (DoS) attacks.DISA STIG Cisco ASA FW v2r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection.DISA STIG Cisco ASA FW v2r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CIS VMware ESXi 6.5 v1.0.0 Level 2CIS VMware ESXi 6.5 v1.0.0 Level 2VMware
DISA_STIG_McAfee_VirusScan_8.8_Local_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Local Client v6r1 STIGDISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows
DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Managed Client Security Technical implementation Guide v6r1 STIGDISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows
DTAM138 - McAfee VirusScan Access Protection Policies must be configured to prevent McAfee services from being stopped.DISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM138 - McAfee VirusScan Access Protection Rules must be configured to prevent McAfee services from being stopped.DISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM165 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to detect unwanted programs.DISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-000 - The McAfee VirusScan Enterprise for Linux Web interface must be disabled unless the system is on a segregated network.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

CONFIGURATION MANAGEMENT

DTAVSEL-301 - Access to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

CONFIGURATION MANAGEMENT

EX13-MB-000265 - Exchange servers must have an approved DoD email-aware virus protection software installed.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-MB-000530 - Exchange servers must have an approved DoD email-aware virus protection software installed.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX19-MB-000134 - Exchange servers must have an approved DOD email-aware virus protection software installed.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND INFORMATION INTEGRITY

FireEye - Binary analysis AV-suite is enabledTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - TNS Best Practices FireEye AuditTNS FireEyeFireEye
GEN006480 - The system must have a host-based intrusion detection tool installed.DISA STIG for Oracle Linux 5 v2r1Unix

SYSTEM AND INFORMATION INTEGRITY

GEN006480 - The system must have a host-based intrusion detection tool installed.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

SYSTEM AND INFORMATION INTEGRITY

JUSX-IP-000031 - The Juniper Networks SRX Series Gateway IDPS must either forward the traffic from inbound connections to be more deeply inspected for malicious code and Layer 7 threats, or the Antivirus and Unified Threat Management (UTM) license must be installed, active, and policies and rules configured.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

CONFIGURATION MANAGEMENT

RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - hipclient processDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - MFEhiplsmDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

SonicWALL - Client AV Enforcement On - DMZTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - DMZTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

TNS_BestPractice_Citrix_XenServer.audit from TNS Citrix XenServer Best PracticesTNS Citrix XenServerUnix