Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure that the --basic-auth-file argument is not setCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.3.11.5 'Network Security: Restrict NTLM: NTLM authentication in this domain'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.2.4.2.2.26 Configure 'Disallow standard users from changing the PIN or password'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 (L1) Configure 'Accounts: Rename administrator account'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename administrator account'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename administrator account'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename administrator account'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename administrator account'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename administrator account'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename guest account'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.4 (L1) Configure 'Accounts: Rename guest account'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 (L1) Configure 'Accounts: Rename guest account'CIS Windows Server 2012 DC L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 (L1) Configure 'Accounts: Rename guest account'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 (L1) Configure 'Accounts: Rename guest account'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 (L1) Configure 'Accounts: Rename guest account'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 Configure 'Accounts: Rename administrator account'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 Configure 'Accounts: Rename administrator account'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.6 Configure 'Accounts: Rename guest account'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.6 Configure 'Accounts: Rename guest account'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

3.7 Ensure 'PASSWORD_ROLLOVER_TIME' Is set to '0'CIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

IDENTIFICATION AND AUTHENTICATION

4.2.6 Ensure SSH PAM is enabledCIS Amazon Linux 2023 Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

4.5.3.1 Ensure nologin is not listed in /etc/shellsCIS Rocky Linux 8 Server L2 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

4.5.3.1 Ensure nologin is not listed in /etc/shellsCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

4.5.6 Ensure nologin is not listed in /etc/shellsCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

IDENTIFICATION AND AUTHENTICATION

4.5.6 Ensure nologin is not listed in /etc/shellsCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.2 Securely Authenticate Dynamic Updates - allow-update none or localhostCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3 Securely Authenticate Update ForwardingCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.1.1 Ensure latest version of pam is installedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.1.3 Ensure libpam-pwquality is installedCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.3.1.3 Ensure libpam-pwquality is installedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure user daemon is securedCIS IBM AIX 7 v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3.5 Ensure user lpd is securedCIS IBM AIX 7 v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3.8 Ensure user sys is securedCIS IBM AIX 7 v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3.10 Ensure System Accounts cannot access system using ftp.CIS IBM AIX 7 v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.4 Ensure password hashing algorithm is SHA-512 - password-authCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.10 Set SSH PermitEmptyPasswords to no - Check if PermitEmptyPasswords is set to no and not commented for the serverCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

6.2.4 Ensure no legacy '+' entries exist in /etc/shadow - + entries exist in /etc/shadowCIS CentOS 6 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.14 Ensure no users have .rhosts filesCIS CentOS 6 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.7 Blocking Authentication Using Empty/Null Passwords for SSHCIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Enable DNSSEC Validation - dnssec-enableCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

IDENTIFICATION AND AUTHENTICATION

18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.9.25.7 (L1) Ensure 'Post-authentication actions: Grace period (hours)' is set to 'Enabled: 8 or fewer hours, but not 0'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

49.4 (L1) Configure 'Accounts: Rename guest account'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

Allow Custom SSPs and APs to be loaded into LSASSMSCT Windows 11 v23H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Configuring a secure password policy for the BIG-IP system - Secure Password EnforcementTenable F5 BIG-IP Best Practice AuditF5

IDENTIFICATION AND AUTHENTICATION

OpenStack Compute - keystone used for authenticationTNS OpenStack Nova/Compute Security GuideUnix

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - Complexity LevelTNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION