Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.3 Ensure sudo log file existsCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.3.3 Ensure sudo log file existsCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.39 listener.ora - 'secure_control_listener_name = (TCP,IPC)'CIS v1.1.0 Oracle 11g OS Windows Level 2Windows

ACCESS CONTROL

5.2.3 Ensure sudo log file existsCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3 Ensure sudo log file existsCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2 Ensure that MongoDB uses a non-default portCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2 Ensure that MongoDB uses a non-default portCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

6.2 Ensure that MongoDB uses a non-default portCIS MongoDB L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

6.2 Ensure that MongoDB uses a non-default portCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

7.9 Lock Inactive User Accounts - Check if definact is set to 35.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.1.3.4 Ensure that 'Agentless scanning for machines' component status is set to 'On'CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

RISK ASSESSMENT

CIS_Fedora_28_Family_Linux_Server_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0CIS Fedora 19 Family Linux Server L1 v1.0.0Unix
CIS_Google_Chrome_Group_Policy_v1.0.0_L1.audit from CIS Google Chrome Group Policy Benchmark v1.0.0CIS Google Chrome Group Policy v1.0.0 L1Windows
CIS_Microsoft_Exchange_Server_2016_Level_1_Hub_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 BenchmarkCIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Mozilla_Firefox_ESR_GPO_v1.0.0_L1.audit from CIS Mozilla Firefox ESR GPO Benchmark v1.0.0CIS Mozilla Firefox ESR GPO v1.0.0 L1Windows
CIS_Ubuntu_Linux_22.04_LTS_STIG_v1.0.0_CAT_III.audit from CIS Ubuntu Linux 22.04 LTS STIG Benchmark v1.0.0CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT IIIUnix
CIS_Ubuntu_Linux_24.04_LTS_STIG_v1.0.0_CAT_I.audit from CIS Ubuntu Linux 24.04 LTS STIG Benchmark v1.0.0CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT IUnix
CIS_Ubuntu_Linux_24.04_LTS_STIG_v1.0.0_CAT_II.audit from CIS Ubuntu Linux 24.04 LTS STIG Benchmark v1.0.0CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT IIUnix
F5BI-AS-000119 - The BIG-IP ASM module must be configured to automatically update malicious code protection mechanisms when providing content filtering to virtual servers.DISA F5 BIG-IP Application Security Manager STIG v2r2F5

SYSTEM AND INFORMATION INTEGRITY

FireEye - AAA is enabledTNS FireEyeFireEye

IDENTIFICATION AND AUTHENTICATION

FireEye - AAA lockout settings apply to the 'admin' userTNS FireEyeFireEye

ACCESS CONTROL

FireEye - AAA lockouts delay further attempts for at least 30 secondsTNS FireEyeFireEye

ACCESS CONTROL

FireEye - CLI commands do not hide any settings from administratorsTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - Email encryption certificates are verifiedTNS FireEyeFireEye

IDENTIFICATION AND AUTHENTICATION

FireEye - Greylists are enabledTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - Guest imagesTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - IPMI password needs to be setTNS FireEyeFireEye
FireEye - LDAP requires encryptionTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Local logging level includes all errors and warningsTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Local logging level is not overridden except by defaultsTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Local logging retention configurationTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Management interface is only accessible from specific IP rangesTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - NTP client is synchronizedTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - NTP client uses a custom serverTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Remote syslog is enabledTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Remote syslog logging level includes all errors and warningsTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - SNMP is enabledTNS FireEyeFireEye
FireEye - SNMP uses a secure community stringTNS FireEyeFireEye

IDENTIFICATION AND AUTHENTICATION

FireEye - SNMP v3 uses SHA instead of MD5TNS FireEyeFireEye

ACCESS CONTROL

FireEye - SSH connections must be SSHv2TNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - System events are emailed to administratorsTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - Time zone selectionTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - User 'admin' SSH access is disabledTNS FireEyeFireEye

ACCESS CONTROL

FireEye - Web users are logged out after 20 minutes of inactivity or lessTNS FireEyeFireEye

ACCESS CONTROL

FireEye - YARA policy applies both customer and FireEye rulesTNS FireEyeFireEye

SECURITY ASSESSMENT AND AUTHORIZATION

FireEye - YARA rules are enabledTNS FireEyeFireEye

SECURITY ASSESSMENT AND AUTHORIZATION

JUSX-IP-000016 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

ACCESS CONTROL

JUSX-IP-000019 - The Juniper Networks SRX Series Gateway IDPS must protect against or limit the effects of known types of Denial of Service (DoS) attacks by employing signatures.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUSX-IP-000024 - The Juniper Networks SRX Series Gateway IDPS must generate an alert to, at a minimum, the ISSO and ISSM when root-level intrusion events that provide unauthorized privileged access are detected.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

SYSTEM AND INFORMATION INTEGRITY

MS.EXO.11.3v1 - The phishing protection solution SHOULD include an AI-based phishing detection tool comparable to EOP Mailbox Intelligence.CISA SCuBA Microsoft 365 Exchange Online v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY