Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure packages are obtained from authorized repositoriesCIS PostgreSQL 15 v1.2.0 L1 OS Linux UnixUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

1.3 Harden the container hostCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.3 Harden the container hostCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.4 Harden the container hostCIS Docker 1.6 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.6 Verify That 'PGPASSWORD' is Not Set in Users' ProfilesCIS PostgreSQL 16 v1.1.0 L1 OS Linux UnixUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in UseCIS PostgreSQL 15 v1.2.0 L1 OS Linux UnixUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.175 WN22-DC-000300CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT IWindows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure the file permissions mask is correctCIS PostgreSQL 13 v1.3.0 L1 OS Linux UnixUnix

ACCESS CONTROL, MEDIA PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Linux v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure Passwords are Not Stored in the service fileCIS PostgreSQL 15 v1.2.0 L1 OS Linux UnixUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure Password Complexity is Configured - validate_password_check_user_nameCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure Password Complexity is Configured - validate_password_check_user_nameCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure Password Complexity is Configured - validate_password_mixed_case_countCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure Password Complexity is Configured - validate_password_policyCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure Password Complexity is Configured - validate_password_special_char_countCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION

3.4 Ensure SQL Authentication is not used in contained databasesCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 15 v1.2.0 L1 OS Linux UnixUnix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 16 v1.1.0 L1 OS Linux UnixUnix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 13 v1.3.0 L1 OS Linux UnixUnix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 14 OS v 1.3.0Unix

ACCESS CONTROL

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctlyCIS PostgreSQL 10 OS v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctlyCIS PostgreSQL 9.5 OS v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctlyCIS PostgreSQL 11 OS v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.11 (L1) Host must isolate management communicationsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

6.3 Mask and zone SAN resources appropriatelyCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
6.5.1 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated ciphersCIS VMware ESXi 8.0 v1.2.0 L1 UnixUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.5.6 (L1) Host SSH daemon, if enabled, must set a timeout interval on idle sessionsCIS VMware ESXi 8.0 v1.2.0 L1 UnixUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

8.2 Ensure the backup and restore tool, 'pgBackRest', is installed and configuredCIS PostgreSQL 15 v1.2.0 L1 OS Linux UnixUnix

CONTINGENCY PLANNING

Alertmail server not configured or this feature is not available on the deviceTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

Auto Backup via central management is not available or not configured.TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONTINGENCY PLANNING

Disable unused network portsTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle install account is not a member of the oracle group'DISA STIG Oracle 11 Installation v9r1 LinuxUnix

ACCESS CONTROL

DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle service account group membership is correct'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

ACCESS CONTROL

DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle service account is denied logon on locally right'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

ACCESS CONTROL

DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle services use appropriate service accounts'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

ACCESS CONTROL

Event Logging is not available or enabled - Event Logging category checks not performedTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

EX13-EG-000005 - Exchange must limit the Receive connector timeout.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6Windows

ACCESS CONTROL

EX16-ED-000010 - Exchange must limit the Receive connector timeout.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6Windows

ACCESS CONTROL

Fortigate - AAA - LDAP server is trustedTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - AAA - RADIUS server is trustedTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - AAA - TACACS+ server is trustedTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Review the patch update methodTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

Fortigate - Review users with admin privilegesTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - SNMP v3 auth-priv is not enabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - SNMP v3 is not enabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Unix-to-Unix Copy Protocol ServiceNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Salesforce.com : Trust and Salesforce.com - Review http://trust.salesforce.comTNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND SERVICES ACQUISITION

SNMP is not enabled. SNMP specific checks not performed.TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

The device does not appear to support or is not configured for administrative password policy settings.TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION