Item Search

Name	Audit Name	Plugin	Category
1.13.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to Disabled	CIS Microsoft Office Outlook 2013 v1.1.0 Level 1	Windows	CONFIGURATION MANAGEMENT
2.1 Secure DB2 Runtime Library	CIS IBM DB2 v10 v1.1.0 Windows OS Level 2	Windows
3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permissions	CIS IBM DB2 v10 v1.1.0 Windows OS Level 2	Windows	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH OS Permission	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix
5.1.5 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
ALMA-09-019380 - AlmaLinux OS 9 must log packets with impossible addresses.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	CONFIGURATION MANAGEMENT
ALMA-09-029720 - AlmaLinux OS 9 must be configured to disable Bluetooth.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	CONFIGURATION MANAGEMENT
ALMA-09-034120 - AlmaLinux OS 9 SSHD must not allow blank passwords.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	IDENTIFICATION AND AUTHENTICATION
ALMA-09-041490 - AlmaLinux OS 9 systemd-journald service must be enabled.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
ALMA-09-042040 - AlmaLinux OS 9 must have the policycoreutils package installed.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
ALMA-09-055240 - AlmaLinux OS 9 must have the chrony package installed.	DISA CloudLinux AlmaLinux OS 9 STIG v1r2	Unix	AUDIT AND ACCOUNTABILITY
APPL-13-000056 - The macOS system must implement approved Key Exchange Algorithms within the SSH server configuration.	DISA STIG Apple macOS 13 v1r5	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
APPL-14-001014 The macOS system must configure audit log files group to wheel.	DISA Apple macOS 14 (Sonoma) STIG v2r3	Unix	AUDIT AND ACCOUNTABILITY
APPL-14-003020 The macOS system must enforce smart card authentication.	DISA Apple macOS 14 (Sonoma) STIG v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
APPL-15-001017 - The macOS system must configure audit log folders to mode 700 or less permissive.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	AUDIT AND ACCOUNTABILITY
CD12-00-003600 - Execution of software modules (to include functions and trigger procedures) with elevated privileges must be restricted to necessary cases only.	DISA STIG Crunchy Data PostgreSQL DB v3r1	PostgreSQLDB	ACCESS CONTROL
GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.	DISA STIG Solaris 10 SPARC v2r4	Unix	ACCESS CONTROL
PPS9-00-001300 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-001400 - The EDB Postgres Advanced Server must initiate support of session auditing upon startup.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-001600 - The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish what type of events occurred.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-002000 - The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	CONFIGURATION MANAGEMENT
PPS9-00-003500 - Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be owned by database/EDB Postgres Advanced Server principals authorized for ownership.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	CONFIGURATION MANAGEMENT
PPS9-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	IDENTIFICATION AND AUTHENTICATION
PPS9-00-007400 - The EDB Postgres Advanced Server must prevent non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	ACCESS CONTROL
PPS9-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	SYSTEM AND INFORMATION INTEGRITY
PPS9-00-010100 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to access security objects occur.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-011050 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-011400 - The EDB Postgres Advanced Server must generate audit records when security objects are deleted.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-012100 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to execute privileged activities or other system-level access occur.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-012200 - The EDB Postgres Advanced Server must generate audit records showing starting and ending time for user access to the database(s) - s.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-012400 - The EDB Postgres Advanced Server must be able to generate audit records when successful accesses to objects occur.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-012500 - The EDB Postgres Advanced Server must generate audit records when unsuccessful accesses to objects occur.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-012600 - The EDB Postgres Advanced Server must generate audit records for all direct access to the database(s).	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PPS9-00-013000 - The EDB Postgres Advanced Server must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.	EDB PostgreSQL Advanced Server DB Audit v2r3	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
SRG-OS-99999-ESXI5-000143 - The system must enable SSL for NFC.	DISA STIG VMWare ESXi Server 5 STIG v2r1	VMware	CONFIGURATION MANAGEMENT
VCPG-67-000001 - VMware Postgres must limit the number of connections.	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	ACCESS CONTROL
VCPG-67-000012 - VMware Postgres must require authentication on all connections.	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	IDENTIFICATION AND AUTHENTICATION
VCPG-67-000015 - VMware Postgres must use FIPS 140-2 approved TLS ciphers.	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	IDENTIFICATION AND AUTHENTICATION
VCPG-67-000016 - VMware Postgres must write log entries to disk prior to returning operation success or failure - fsync	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
VCPG-67-000016 - VMware Postgres must write log entries to disk prior to returning operation success or failure - full_page_writes	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
VCPG-67-000016 - VMware Postgres must write log entries to disk prior to returning operation success or failure - synchronous_commit	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
VCPG-67-000018 - Data from the vPostgres database must be protected from unauthorized transfer.	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
VCPG-67-000019 - VMware Postgres must provide non-privileged users with minimal error information.	DISA STIG VMware vSphere 6.7 PostgreSQL v1r2	Unix	SYSTEM AND INFORMATION INTEGRITY
VCPG-70-000003 - VMware Postgres configuration files must not be accessible by unauthorized users.	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
VCPG-70-000007 - VMware Postgres must limit modify privileges to authorized accounts.	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	CONFIGURATION MANAGEMENT
VCPG-70-000010 - The vPostgres database must use 'md5' for authentication.	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	IDENTIFICATION AND AUTHENTICATION
VCPG-70-000011 - VMware Postgres must be configured to use Transport Layer Security (TLS).	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
VCPG-70-000016 - VMware Postgres must provide nonprivileged users with minimal error information.	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	SYSTEM AND INFORMATION INTEGRITY
VCPG-70-000017 - VMware Postgres must have log collection enabled.	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search