Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.3.1 Ensure separate partition exists for /homeCIS Debian Linux 12 v1.1.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4 Ensure nosuid option set on /tmp partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.3 Ensure that the controller manager pod specification file permissions are set to 600 or more restrictiveCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.3 Ensure noexec option set on /var partitionCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.3 Ensure noexec option set on /var partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.2 Ensure noexec option set on /var/tmp partitionCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.2 Ensure noexec option set on /var/tmp partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.3 Ensure nosuid option set on /var/tmp partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.5 Ensure that the scheduler pod specification file permissions are set to 600 or more restrictiveCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.2 Ensure nodev option set on /var/log partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.3 Ensure noexec option set on /var/log partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.4 Ensure nosuid option set on /var/log partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.2 Ensure noexec option set on /var/log/audit partitionCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.2 Ensure noexec option set on /var/log/audit partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.3 Ensure nodev option set on /var/log/audit partitionCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7 Ensure that the etcd pod specification file permissions are set to 600 or more restrictiveCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.4 Ensure usrquota option set on /home partitionCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.3 Ensure nosuid option set on /dev/shm partitionCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.3 Ensure nosuid option set on /dev/shm partitionCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.17 Ensure that the Controller Manager kubeconfig file permissions are set to 600 or more restrictiveCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.2.7 Ensure that the --authorization-mode argument is not set to AlwaysAllowCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.2.11 Ensure that the admission control plugin AlwaysPullImages is not setCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.2.12 Ensure that the admission control plugin ServiceAccount is setCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.5.1.6 Ensure permissions on /etc/issue.net are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.6.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.6.1.5 Ensure the SELinux mode is enforcingCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.6.1.6 Ensure no unconfined services existCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.2 Ensure 'log_bin_basename' Files Have Appropriate PermissionsCIS MySQL 8.0 Community Linux OS L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.4 Ensure that docker.socket file permissions are set to 644 or more restrictiveCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

3.5 Ensure 'relay_log_basename' Files Have Appropriate PermissionsCIS MySQL 8.0 Community Linux OS L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.8 Ensure that registry certificate file permissions are set to 444 or more restrictivelyCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.1 Ensure that the kubelet service file permissions are set to 644 or more restrictiveCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.6 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6.2 Ensure system accounts are securedCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.8 Ensure 'REPLICATION SLAVE' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.9 Ensure DML/DDL Grants are Limited to Specific Databases and UsersCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 DatabaseMySQLDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.5 Ensure permissions on /etc/group are configuredCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.14 Audit SUID executablesCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.4 Ensure the audit log file directory mode is configuredCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.5 Ensure audit configuration files mode is configuredCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.7 Ensure audit configuration files group owner is configuredCIS Debian Linux 12 v1.1.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.8 Ensure audit tools mode is configuredCIS Debian Linux 12 v1.1.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.9 Ensure audit tools owner is configuredCIS Debian Linux 12 v1.1.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.10 Ensure audit tools group owner is configuredCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.8 Ensure users' home directories permissions are 750 or more restrictiveCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.9 Ensure users own their home directoriesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.12 Ensure users' dot files are not group or world writableCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

7.6 Ensure No Users Have Wildcard HostnamesCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION