Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.8 Ensure mounting of FAT filesystems is limited - vfat fstabCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.2 Disable Unused ConnectorsCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.2 Disable Unused ConnectorsCIS Apache Tomcat 8 L2 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2 Disable Unused ConnectorsCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

1.2 Ensure Auto Update Is EnabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2 Ensure Auto Update Is EnabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

2.1 Secure the DB2 Runtime LibraryCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
2.9 Ensure Legacy EFI Is Valid and Updating - checked regularlyCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

SYSTEM AND SERVICES ACQUISITION

2.9 Ensure Legacy EFI Is Valid and Updating - validCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

SYSTEM AND SERVICES ACQUISITION

2.9 Ensure Legacy EFI Is Valid and Updating - validCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

SYSTEM AND SERVICES ACQUISITION

2.11 Ensure EFI Version Is Valid and Checked Regularly - integrity-checkCIS Apple macOS 10.14 v2.0.0 L1Unix

SYSTEM AND SERVICES ACQUISITION

2.13 Ensure EFI version is valid and being regularly checked - itegrity-checkCIS Apple macOS 10.13 L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.15 Ensure 'sa' Login Account has been renamedCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

CONFIGURATION MANAGEMENT

3.2 Ensure 'High Availability' requires Link Monitoring and/or Path MonitoringCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure ConditionCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

5.2.4 Ensure users must provide password for escalationCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

6.2 Disabled Browser Sign-insCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2 Turn on filename extensionsCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

6.4 Disable Form Fill AssistanceCIS Mozilla Firefox 102 ESR Linux L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

7.1 Disable Auto-Install of Add-onsCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

7.6 Automatic Actions for Optical MediaCIS Apple OSX 10.9 L1 v1.3.0Unix
7.6 Automatic Actions for Optical MediaCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.6 Automatic Actions for Optical MediaCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix
8.2 Block Reported Web ForgeriesCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

8.3 Enable Cryptomining ProtectionCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

11.2 Samba: Set Secure Permissions on smb.conf FileCIS Solaris 10 L2 v5.2Unix
18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

ALMA-09-018280 - AlmaLinux OS 9 must be configured so that the file integrity tool verifies extended attributes.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

DTOO320 - Check e-mail addresses against addresses of certificates being used must be disallowed.DISA STIG Microsoft Outlook 2016 v2r3Windows

CONFIGURATION MANAGEMENT

ESXI-65-000071 - The ESXi host must verify the integrity of the installation media before installing ESXi.DISA STIG VMware vSphere ESXi 6.5 v2r4VMware

CONFIGURATION MANAGEMENT

ESXI-70-000047 - The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance levels must be verified.DISA STIG VMware vSphere 7.0 ESXi OS v1r4Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-80-000133 - The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

GOOG-13-710900 - Android 13 devices must be configured to disable the use of third-party keyboards (work profile only).AirWatch - DISA Google Android 13 BYOD v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-14-710900 - Android 14 devices must be configured to disable the use of third-party keyboards (work profile only) - work profile only.AirWatch - DISA Google Android 14 BYOAD v1r1MDM

CONFIGURATION MANAGEMENT

IISW-SV-000123 - The IIS 8.5 web server must be reviewed on a regular basis to remove any Operating System features, utility programs, plug-ins, and modules not necessary for operation.DISA IIS 8.5 Server v2r7Windows

CONFIGURATION MANAGEMENT

OL09-00-000300 - OL 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.DISA Oracle Linux 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

RHEL-07-021610 - The Red Hat Enterprise Linux operating system must be configured so that the file integrity tool is configured to verify extended attributes.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-09-651010 - RHEL 9 must have the AIDE package installed.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

SLES-15-010570 - The SUSE operating system must notify the System Administrator (SA) when Advanced Intrusion Detection Environment (AIDE) discovers anomalies in the operation of any security functions.DISA SUSE Linux Enterprise Server 15 STIG v2r4Unix

SYSTEM AND INFORMATION INTEGRITY

SQL4-00-016850 - SQL Server must have the Management Tools software component removed if it is unused.DISA STIG SQL Server 2014 Instance OS Audit v2r4Windows

CONFIGURATION MANAGEMENT

SQL4-00-033900 - SQL Server and Windows must enforce access restrictions associated with changes to the configuration of the SQL Server instance or database(s) - s.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

CONFIGURATION MANAGEMENT

SQL6-D0-015500 - SQL Server must generate audit records for all direct access to the database(s) - audits.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

UBTU-22-653035 - Ubuntu 22.04 LTS must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

vCenter : block-unused-portsVMWare vSphere 5.X Hardening GuideVMware
VCENTER-000018 - The vCenter Administrator role must be secured and assigned to specific users other than a Windows Administrator.DISA STIG VMWare ESXi vCenter 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCENTER-000031 - The vCenter Administrator role must be secured by assignment to specific users authorized as vCenter Administrators.DISA STIG VMWare ESXi vCenter 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000278 - The vCenter Server must use unique service accounts when applications connect to vCenter.DISA VMware vSphere 8.0 vCenter STIG v2r2VMware

CONFIGURATION MANAGEMENT

VCST-67-000010 - The Security Token Service must not be configured with unused realms.DISA STIG VMware vSphere 6.7 STS Tomcat v1r3Unix

CONFIGURATION MANAGEMENT