Item Search

Name	Audit Name	Plugin	Category
1 - Application specific logging - start.jar --module=logging	TNS Best Practice Jetty 9 Linux	Unix
1.1 Install the latest fix packs	CIS IBM DB2 v10 v1.1.0 Database Level 2	IBM_DB2DB
1.1 Install the latest fix packs	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux	Unix	SYSTEM AND INFORMATION INTEGRITY
1.1 Install the latest fix packs	CIS IBM DB2 v10 v1.1.0 Database Level 1	IBM_DB2DB
1.1 Install the latest fix packs	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows	Windows	SYSTEM AND INFORMATION INTEGRITY
1.1 Install the latest fix packs	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux	Unix	SYSTEM AND INFORMATION INTEGRITY
1.1 Install the latest fix packs	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows	Windows	SYSTEM AND INFORMATION INTEGRITY
1.1.1 Install Available Updates	CIS IBM DB2 11 v1.1.0 Database Level 1	IBM_DB2DB	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
2 - Remove or Disable Example Content - enable-welcome-root	TNS Best Practice JBoss 7 Linux	Unix	CONFIGURATION MANAGEMENT
2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFO	TNS Best Practice Jetty 9 Linux	Unix	AUDIT AND ACCOUNTABILITY
2.2 Ensure that authorization is enabled for Cassandra databases	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.2 Ensure that authorization is enabled for Cassandra databases	CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.02 Version/Patches - 'Ensure the latest version of Oracle software and patches have been applied'	CIS v1.1.0 Oracle 11g OS Windows Level 1	Windows
3 - Audit Logging - Logger	TNS Best Practice JBoss 7 Linux	Unix	AUDIT AND ACCOUNTABILITY
3.8 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Database 23ai v1.0.0 L1 RDBMS	OracleDB	ACCESS CONTROL
5.7.1 Enable Security Posture	CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2	GCP	CONFIGURATION MANAGEMENT
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.23 (L1) Virtual machines must restrict sharing of memory pages with other VMs	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT
8.7 Secure the permissions of the IBMLDAPSecurity.ini file	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux	Unix
12 - Restrict access to logs directory - mode	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
12 - Restrict access to logs directory - owner	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
12.18 Location of development database - 'Separate server from production database'	CIS v1.1.0 Oracle 11g OS L1	Unix
12.18 Location of development database - 'Separate server from production database'	CIS v1.1.0 Oracle 11g OS Windows Level 1	Windows
12.32 Distribution of tnsnames.ora files to clients - 'Include only tnsnames.ora when distributing to clients'	CIS v1.1.0 Oracle 11g OS L1	Unix
12.32 Distribution of tnsnames.ora files to clients - 'Include only tnsnames.ora when distributing to clients'	CIS v1.1.0 Oracle 11g OS Windows Level 1	Windows
15 - Authentication	TNS Best Practice JBoss 7 Linux	Unix	IDENTIFICATION AND AUTHENTICATION
15 - Restrict access to web application directory - owner	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
16 - ORB Subsystem - Initializers On	TNS Best Practice JBoss 7 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
16 - Restrict access to JETTY.policy - mode	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
17 - Restrict access to JETTY.properties - mode	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
19 - Restrict access to logging.properties - mode	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
20 - Enable Encryption	TNS Best Practice JBoss 7 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 1918 addresses (10.0.0.0/8)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 1918 addresses (172.16.0.0/12)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (0.0.0.0/8)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (198.51.100.0/24)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-001960 - Privileged Linux containers must not be used for Docker Enterprise.	DISA STIG Docker Enterprise 2.x Linux/Unix v2r2	Unix	CONFIGURATION MANAGEMENT
DNS: A trusted secondary DNS server is configured	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-009 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-019 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
ICMP: Do not return unreachable messages	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
Login: Configure Pre-login Banner	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	ACCESS CONTROL
Login: Exponential Backoff is set	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	ACCESS CONTROL
Login: ssh - v1 is disabled	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	CONFIGURATION MANAGEMENT
Spanning Tree: enable edge-port	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
Spanning Tree: enable root-guard	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ.	DISA IBM WebSphere Traditional 9 Windows STIG v1r1	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search