Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Ensure monitoring and alerting exist for ACCOUNTADMIN and SECURITYADMIN role grantsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grantsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.4 Ensure monitoring and alerting exist for password sign-in without MFACIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.4.3 (L2) Ensure Microsoft Defender for Cloud Apps is enabled and configuredCIS Microsoft 365 Foundations v6.0.1 L2 E5microsoft_azure

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 6 v1.2.0 L1 MongoDBWindows

CONFIGURATION MANAGEMENT

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 7 v1.2.0 L1 UnixUnix

CONFIGURATION MANAGEMENT

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 8 v1.0.0 L1 UnixUnix

CONFIGURATION MANAGEMENT

18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows Server 2025 v2.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

All network interfaces are operating in full-duplex modeTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

DTAM054 - McAfee VirusScan On-Demand scan must be configured to find unknown program threats.DISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM104 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown unwanted programs and trojans.DISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM105 - McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown macro viruses.DISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

Enable only necessary and secure services, protocols, daemons - 'lwsmd'TNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

Enable port locking by default on the VM guest networkTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Host is enabledTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

HP ProCurve - 'Disable SNMPv2'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

HP ProCurve - 'Disable TFTP server'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT

HP ProCurve - 'Enable SNMPv3'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

Identify a network interface to be used for storage accessTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

Install a trusted CA certificate on the poolTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

JUSX-IP-000011 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

ACCESS CONTROL

JUSX-IP-000012 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

ACCESS CONTROL

JUSX-IP-000013 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

ACCESS CONTROL

Passwords stored in 'secrets' are not visibleTNS Citrix HypervisorUnix

IDENTIFICATION AND AUTHENTICATION

Snapshots are not presentTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 2 - ThresholdTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Handshake enforcementTNS SonicWALL v5.9SonicWALL
SonicWALL - IDP ON - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Logging Level - InformationTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - Login Banner - Public ZoneTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Password Policy - Password Uniqueness >= 10TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - PW Policy - Lockout Duration - >= 5 minutesTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Security Services - Gateway AV - EnabledTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - HTTP OutboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - SMTP OutboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - TCP Stream InboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - IDP - Signature DB PresentTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - IDP - Signature TimestampTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - SSL Control - Block the conn. and log the eventTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - SSL Control - Detect Expired CertificatesTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - SSL Control - Enable WhitelistTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

Use a static IP on the management network interfaceTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

XenServer - Auto-start is not enabledTNS Citrix XenServerUnix
XenServer - Enable QoS on all VM guestsTNS Citrix XenServerUnix
XenServer - Install a trusted CA certificate on the poolTNS Citrix XenServerUnix
XenServer - Passwords stored in 'secrets' are not visibleTNS Citrix XenServerUnix
XenServer - Restrict allowed IPv6 addresses used by each VM guestTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION