Item Search

Name	Audit Name	Plugin	Category
1.2.2 Verify Red Hat GPG Key is Installed	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	SYSTEM AND INFORMATION INTEGRITY
1.4.3 Set 'username secret' for all local users	CIS Cisco IOS XE 17.x v2.2.1 L1	Cisco	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6.1.4 Ensure SETroubleshoot is not installed	CIS Amazon Linux v2.1.0 L2	Unix	CONFIGURATION MANAGEMENT
2.4.5 Disable Remote Login	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
3.3.2.2 Set 'ip ospf message-digest-key md5'	CIS Cisco IOS 12 L2 v4.0.0	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2.2 Set 'ip ospf message-digest-key md5'	CIS Cisco IOS XE 17.x v2.2.1 L1	Cisco	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.11 Ensure X-Powered-By Header is removed - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	CONFIGURATION MANAGEMENT
3.11 Ensure X-Powered-By Header is removed - Default	CIS IIS 10 v1.2.1 Level 2	Windows	CONFIGURATION MANAGEMENT
5.5.3 Ensure password reuse is limited	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.5.3 Ensure password reuse is limited	CIS Fedora 28 Family Linux Workstation L1 v2.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.7 Do not enable the 'root' account	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
BIND-9X-001550 - The core BIND 9.x server files must be owned by the root or BIND 9.x process account.	DISA BIND 9.x STIG v3r1	Unix	CONFIGURATION MANAGEMENT
DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-105 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-200 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	MAINTENANCE
DTAVSEL-301 - Access to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	CONFIGURATION MANAGEMENT
GEN009340 - Xserver login managers must not be running unless needed for X11 session management.	DISA AIX 5.3 STIG v1r2	Unix	CONFIGURATION MANAGEMENT
iOS Compliance Policy - Minimum password length	Tenable Best Practices for Microsoft Intune iOS v1.0	microsoft_azure	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
JBOS-AS-000025 - Java permissions must be set for hosted applications.	DISA JBoss Enterprise Application Platform 6.3 STIG v2r6	Unix	ACCESS CONTROL
JBOS-AS-000210 - mgmt-users.properties file permissions must be set to allow access to authorized users only.	DISA JBoss Enterprise Application Platform 6.3 STIG v2r6	Unix	CONFIGURATION MANAGEMENT
JBOS-AS-000250 - Any unapproved applications must be removed - Any unapproved applications must be removed.	DISA JBoss Enterprise Application Platform 6.3 STIG v2r6	Unix	CONFIGURATION MANAGEMENT
JBOS-AS-000305 - LDAP enabled security realm value allow-empty-passwords must be set to false.	DISA JBoss Enterprise Application Platform 6.3 STIG v2r6	Unix	IDENTIFICATION AND AUTHENTICATION
JBOS-AS-000625 - JBoss must be configured to use DoD PKI-established certificate authorities for verification of the establishment of protected sessions.	DISA JBoss Enterprise Application Platform 6.3 STIG v2r6	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
JBOS-AS-000640 - The JBoss server, when hosting mission critical applications, must be in a high-availability (HA) cluster.	DISA JBoss Enterprise Application Platform 6.3 STIG v2r6	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000253 - OHS must have the LoadModule ossl_module directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000254 - OHS must have the SSLFIPS directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLProtocol	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000256 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000257 - OHS must have the LoadModule ossl_module directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLProtocol	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLWallet	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000260 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
SonicWALL - PW Policy - Lockout Duration - >= 5 minutes	TNS SonicWALL v5.9	SonicWALL	ACCESS CONTROL
vCenter : use-supported-system	VMWare vSphere 5.X Hardening Guide	VMware
vCenter : verify-ssl-certificates	VMWare vSphere 5.X Hardening Guide	VMware
vNetwork : document-vlans	VMWare vSphere 5.X Hardening Guide	VMware
vNetwork : no-vgt-vlan-4095	VMWare vSphere 5.X Hardening Guide	VMware	CONFIGURATION MANAGEMENT
vNetwork : reject-promiscuous-mode - 'vSwitch'	VMWare vSphere 5.X Hardening Guide	VMware	SYSTEM AND COMMUNICATIONS PROTECTION
vNetwork : restrict-mgmt-network-access-gateway	VMWare vSphere 5.X Hardening Guide	VMware
vNetwork : set-non-negotiate	VMWare vSphere 5.X Hardening Guide	VMware
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONS	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONS	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONS	Oracle WebLogic Server 12c Linux v2r2	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONS	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search