Item Search

Name	Audit Name	Plugin	Category
1.1.2.4.1 Ensure separate partition exists for /var	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.6 Ensure separate partition exists for /var	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.7 Ensure separate partition exists for /var/tmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.11 Ensure separate partition exists for /var/log	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
1.1.12 Ensure separate partition exists for /var/log/audit	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure sctp kernel module is not available	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
4.1.1.2 Ensure system is disabled when audit logs are full - email	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure audit logs are not automatically deleted	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2 Ensure auditd service is enabled	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - adjtimex (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.4 Ensure events that modify date and time information are collected - auditctl adjtimex	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify user/group information are collected	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - /etc/shadow	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/gshadow	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/passwd	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/shadow	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - /etc/hosts	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - auditctl sethostname (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure session initiation information is collected - /var/log/wtmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.10 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.10 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.13 Ensure successful file system mounts are collected - auditctl (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - auditctl rmmod	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - modprobe	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.5 Ensure events that modify the system's network environment are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.20 Ensure the audit configuration is immutable	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION
5.2.4.4 Ensure only authorized groups are assigned ownership of audit log files	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.5 Ensure audit configuration files are 640 or more restrictive	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4 CIFS - 'ldap.security.level = 1 or 2'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
6.1.14 Audit system file permissions	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
ARST-L2-000060 - The Arista MLS layer 2 switch must have BPDU Guard enabled on all switch ports connecting to access layer switches and hosts.	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-ND-001000 - The Cisco switch must be configured to generate an alert for all audit failure events.	DISA Cisco NX OS Switch NDM STIG v3r3	Cisco	AUDIT AND ACCOUNTABILITY
IIST-SI-000242 - The IIS 10.0 private website must employ cryptographic mechanisms (TLS) and require client certificates.	DISA IIS 10.0 Site v2r11	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version	DISA IIS 10.0 Server v2r10	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version.	DISA IIS 10.0 Server v2r10	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version.	DISA IIS 10.0 Server v3r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
IISW-SI-000242 - The IIS 8.5 private website must employ cryptographic mechanisms (TLS) and require client certificates.	DISA IIS 8.5 Site v2r9	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
JUNI-ND-001140 - The Juniper router must be configured to authenticate NTP sources using authentication that is cryptographically based.	DISA STIG Juniper Router NDM v3r2	Juniper	IDENTIFICATION AND AUTHENTICATION
JUSX-DM-000110 - The Juniper SRX Services Gateway must authenticate NTP servers before establishing a network connection using bidirectional authentication that is cryptographically based.	DISA Juniper SRX Services Gateway NDM v3r2	Juniper	IDENTIFICATION AND AUTHENTICATION
SonicWALL - Flood Protection - Layer 2 - Threshold	TNS SonicWALL v5.9	SonicWALL	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search