Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.16 Add noexec Option to /dev/shm PartitionCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Create network segmentation using Network PoliciesCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.2 Ensure Firewall Stealth Mode Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2 Ensure Firewall Stealth Mode Is EnabledCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2 Ensure Firewall Stealth Mode Is EnabledCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2 Ensure Firewall Stealth Mode Is EnabledCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.10.6 Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.5.2.2 Ensure Firewall Stealth Mode Is EnabledCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure TLS authentication for Docker daemon is configuredCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.1 Ensure 'Allow remote access connections to this machine' is set to 'Disabled'CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.2 (L1) Ensure 'Allow remote users to interact with elevated windows in remote assistance sessions' is set to 'Disabled'CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.3 (L1) Ensure 'Configure the required domain names for remote access clients' is set to 'Enabled' with a domain definedCIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.4 (L1) Ensure 'Enable curtaining of remote access hosts' is set to 'Disabled'CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.5 (L1) Ensure 'Enable firewall traversal from remote access host' is set to 'Disabled'CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.6 (L1) Ensure 'Enable or disable PIN-less authentication for remote access hosts' is set to 'Disabled'CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8.7 (L1) Ensure 'Enable the use of relay servers by the remote access host' is set to 'Disabled'.CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.32 Ensure 'Allow remote debugging' is set to 'Disabled'CIS Google Chrome L1 v3.0.0Windows

ACCESS CONTROL, RISK ASSESSMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.1.4.1 If VLAN interfaces have IP addreses, configure anti spoofing / ingress filtering protectionsCIS Cisco NX-OS v1.2.0 L1Cisco

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2 Ensure 'Allow unmanaged devices' is set to 'False'CIS Microsoft Exchange Server 2019 L1 MDM v1.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled'AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution OwnedMDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled'MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally OwnedMDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.9 Ensure 'Require encryption on device' is set to 'True'CIS Microsoft Exchange Server 2019 L1 MDM v1.0.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

4.1 Ensure 'Antivirus Update Schedule' is set to download and install updates hourlyCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

4.11 (L1) Host must use strict x509 verification for TLS-enabled remote logging endpointsCIS VMware ESXi 8.0 v1.2.0 L1VMware

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every minuteCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.3 Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.3 (L1) Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 (L1) Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Enable macOS Application FirewallNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Enable macOS Application FirewallNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Enable macOS Application FirewallNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Enable macOS Application FirewallNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Enable macOS Application FirewallNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Enable Firewall LoggingNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Enable Firewall LoggingNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Enable Firewall LoggingNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Enable macOS Application FirewallNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Enable macOS Application FirewallNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - valid source and destination IPs are used in rules'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI305 - Automatic configuration of Internet Explorer must be disallowed.DISA STIG Microsoft Internet Explorer 9 v1r15Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN008520 - The system must employ a local firewall.DISA STIG AIX 5.3 v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.DISA STIG AIX 5.3 v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enable macOS Application FirewallNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enable macOS Application FirewallNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION