Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1 Ensure Firewall Is EnabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure Firewall Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.1 Ensure Firewall Is EnabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.1 Ensure Firewall Is EnabledCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.1 Ensure Firewall Is EnabledCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.4.1.1 Ensure Firewall Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.5.2.1 Ensure Firewall Is EnabledCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.5.2.1 Ensure Firewall Is EnabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.5.2.1 Ensure Firewall Is EnabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.5.2.2 Ensure Firewall Is EnabledCIS Apple macOS 10.14 v2.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

4.4.4 Apply Application Control Security Profile to PoliciesCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, MEDIA PROTECTION

4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - Deny By Concurrent RequestsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - maxConcurrentRequestsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure allow and deny filters limit access to specific IP addressesCIS NGINX Benchmark v2.1.0 L2 LoadbalancerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure allow and deny filters limit access to specific IP addressesCIS NGINX Benchmark v2.1.0 L2 WebserverUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure allow and deny filters limit access to specific IP addressesCIS NGINX Benchmark v2.1.0 L2 ProxyUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.3 Ensure 'identityAssertionEnabled' is set to 'true' within the CSIv2 Attribute LayerCIS IBM WebSphere Liberty v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.3 Ensure 'identityAssertionTypes' is specified to the correct identity tokens in CSIv2 Attribute Layer - review/ZechCIS IBM WebSphere Liberty v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.10.0 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.6.6 Consider firewalling GKE worker nodesCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.7.1 Create administrative boundaries between resources using namespacesCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.22 Ensure the default seccomp profile is not DisabledCIS Docker v1.7.0 L1 Docker - LinuxUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and EnabledCIS Apache HTTP Server 2.4 v2.2.0 L2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the 'hostNameExcludeList' attribute is set to a whitelist of host namesCIS IBM WebSphere Liberty v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure the 'hostNameIncludeList attribute' is set to a whitelist of host namesCIS IBM WebSphere Liberty v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure the 'addressExcludeList' attribute is set to a whitelist of hostnamesCIS IBM WebSphere Liberty v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure the 'addressIncludeList' attribute is set to a whitelist of IP addressesCIS IBM WebSphere Liberty v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION