Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 Ensure the container host has been HardenedCIS Docker v1.8.0 L1 OS LinuxUnix

CONFIGURATION MANAGEMENT

1.6.5 Apply Security Context to Your Pods and ContainersCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix
1.8.7.2.1.3 Ensure 'Word 6.0 Binary Documents and Templates' is set to Enabled (Open/Save blocked, use open policy)CIS Microsoft Office Word 2016 v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.8 Ensure 'credentials' are not stored in configuration files - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

IDENTIFICATION AND AUTHENTICATION

2.8 Ensure 'credentials' are not stored in configuration files - DefaultCIS IIS 10 v1.2.1 Level 2Windows

IDENTIFICATION AND AUTHENTICATION

4.1 Create CIS Audit ClassCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification Events - AUE_CHMOD : cisCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification Events - AUE_CHMOD : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHMOD : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification Events - AUE_LCHOWN : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

ESXi : apply-patchesVMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND INFORMATION INTEGRITY

ESXi : config-snmp - 'snmp.receiver.X.community'VMWare vSphere 6.0 Hardening GuideVMware

IDENTIFICATION AND AUTHENTICATION

ESXi : config-snmp - 'snmp.receiver.X.enabledVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

ESXi : enable-auth-proxyVMWare vSphere 6.0 Hardening GuideVMware

IDENTIFICATION AND AUTHENTICATION

ESXi : enable-chap-authVMWare vSphere 6.0 Hardening GuideVMware

IDENTIFICATION AND AUTHENTICATION

ESXi : enable-strict-lockdown-modeVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

ESXi : set-account-lockoutVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

ESXi : set-dcui-accessVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

ESXi : set-dcui-timeoutVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

ESXi : set-shell-timeoutVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

IIST-SI-000204 - A public IIS 10.0 website must only accept Secure Socket Layer (SSL) connections when authentication is required.DISA IIS 10.0 Site v2r14Windows

ACCESS CONTROL

IIST-SI-000214 - The IIS 10.0 website must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled.DISA IIS 10.0 Site v2r14Windows

CONFIGURATION MANAGEMENT

IIST-SV-000117 - The IIS 10.0 web server must not perform user management for hosted applications.DISA IIS 10.0 Server v3r6Windows

CONFIGURATION MANAGEMENT

IIST-SV-000117 - The IIS 10.0 web server must not perform user management for hosted applications.DISA IIS 10.0 Server v2r10Windows

CONFIGURATION MANAGEMENT

IIST-SV-000129 - The IIS 10.0 web server must perform RFC 5280-compliant certification path validation.DISA IIS 10.0 Server v2r10Windows

IDENTIFICATION AND AUTHENTICATION

IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND INFORMATION INTEGRITY

IISW-SI-000210 - The IIS 8.5 website must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event.DISA IIS 8.5 Site v2r9Windows

AUDIT AND ACCOUNTABILITY

IISW-SI-000214 - The IIS 8.5 website must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled - MIME that invoke OS shell programs disabledDISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND INFORMATION INTEGRITY

IISW-SI-000246 - Cookies exchanged between the IIS 8.5 website and the client must use SSL/TLS, have cookie properties set to prohibit client-side scripts from reading the cookie data and must not be compressed.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000117 - The IIS 8.5 web server must not perform user management for hosted applications.DISA IIS 8.5 Server v2r7Windows

CONFIGURATION MANAGEMENT

IISW-SV-000124 - The IIS 8.5 web server must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled - MIME that invoke OS shell programs disabledDISA IIS 8.5 Server v2r7Windows

CONFIGURATION MANAGEMENT

IISW-SV-000129 - The IIS 8.5 web server must perform RFC 5280-compliant certification path validation.DISA IIS 8.5 Server v2r7Windows

IDENTIFICATION AND AUTHENTICATION

VM : disable-console-copyVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-console-gui-optionsVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-console-pasteVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-disk-shrinking-shrinkVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-disk-shrinking-wiperVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-shellactionVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-unity-interlockVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-unity-taskbarVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-unity-unityactiveVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-unitypushVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-versiongetVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : prevent-device-interaction-editVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

VM : TransparentPageSharing-inter-VM-EnabledVMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND INFORMATION INTEGRITY

VM : verify-PCI-PassthroughVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

vNetwork : enable-bpdu-filterVMWare vSphere 6.0 Hardening GuideVMware
vNetwork : reject-forged-transmit - 'PortGroup'VMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

vNetwork : restrict-netflow-usageVMWare vSphere 6.0 Hardening GuideVMware