Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.10 Ensure nodev option set on /dev/shm partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.12 Ensure noexec option set on /dev/shm partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.14 Add nodev Option to /dev/shm PartitionCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to DisabledCIS Microsoft Office Outlook 2013 v1.1.0 Level 1Windows

CONFIGURATION MANAGEMENT

2.1 Secure DB2 Runtime LibraryCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows
2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT nullCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT nullCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

3.1.2 Service Only via Required Protocol - use-ipv6=no'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.2 Ensure logrotate is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.5 Ensure No World Writable Folders Exist in the System FolderCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure No World Writable Folders Exist in the System FolderCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

9.1.14 Find SGID System ExecutablesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.4.2 (L1) Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

ALMA-09-001010 - AlmaLinux OS 9 must limit the number of concurrent sessions to ten for all accounts and/or account types.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

ACCESS CONTROL

ESXI-80-000035 - The ESXi host must enforce password complexity by configuring a password quality policy.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

IDENTIFICATION AND AUTHENTICATION

EX16-ED-000290 - Exchange Receive connectors must control the number of recipients chunked on a single message.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

Host versionTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

List halted VMsTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

List running VMsTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

List security rolesTNS Citrix HypervisorUnix

ACCESS CONTROL

List VM memory allocationsTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

O112-OS-010710 - Logic modules within the database (to include packages, procedures, functions and triggers) must be monitored to discover unauthorized changes.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

CONFIGURATION MANAGEMENT

O121-OS-010700 - Database software, applications, and configuration files must be monitored to discover unauthorized changes.DISA STIG Oracle 12c v3r2 DatabaseOracleDB

CONFIGURATION MANAGEMENT

Review accounts used to mount remote storageTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

SLES-15-030010 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.DISA SUSE Linux Enterprise Server 15 STIG v2r4Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

SLES-15-030040 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.DISA SUSE Linux Enterprise Server 15 STIG v2r4Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception).DISA STIG Solaris 11 X86 v3r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

SQL2-00-014600 - SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

The hosts.deny file blocks access by defaultTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EPERM b32DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EPERM b64DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EACCES b32DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EPERM b64DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020650 - Successful/unsuccessful uses of the sudo command must generate an audit record.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020670 - Successful/unsuccessful uses of the chsh command must generate an audit record.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020760 - Successful/unsuccessful uses of the passwd command must generate an audit record.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020780 - Successful/unsuccessful uses of the gpasswd command must generate an audit record.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020830 - Successful/unsuccessful uses of the init_module command must generate an audit record - b32DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-16-020840 - Successful/unsuccessful uses of the finit_module command must generate an audit record - b64DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

WN19-UR-000170 - Windows Server 2019 Manage auditing and security log user right must only be assigned to the Administrators group.DISA Microsoft Windows Server 2019 STIG v3r4Windows

AUDIT AND ACCOUNTABILITY

WN22-UR-000170 - Windows Server 2022 manage auditing and security log user right must only be assigned to the Administrators group.DISA Microsoft Windows Server 2022 STIG v2r4Windows

AUDIT AND ACCOUNTABILITY

XAPI SSL certificate is in default locationTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

XenServer - List bonded NIC groupsTNS Citrix XenServerUnix

CONFIGURATION MANAGEMENT

XenServer - List VLANsTNS Citrix XenServerUnix

CONFIGURATION MANAGEMENT

XenServer - NTP client configuredTNS Citrix XenServerUnix

AUDIT AND ACCOUNTABILITY

XenServer - The hosts.allow file limits access to the local networkTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION