Detections
Analytics

Item Search

NameAudit NamePluginCategory
5.3.1 Ensure AIDE is installedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.3.1 Ensure AIDE is installedCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.1 Ensure AIDE is installedCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.1 Ensure AIDE is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

18.9.47.15 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

All network interfaces are operating in full-duplex modeTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

DTAM165 - McAfee VirusScan On-Access Default Processes Policies must be configured to detect unwanted programs.DISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

Enable only necessary and secure services, protocols, daemons - 'snapwatchd'TNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

Enable only necessary and secure services, protocols, daemons - 'sshd'TNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

Enable port locking by default on the VM guest networkTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Enable remote syslogTNS Citrix HypervisorUnix

AUDIT AND ACCOUNTABILITY

Install a trusted CA certificate on the poolTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

PANW-AG-000062 - The Palo Alto Networks security platform must drop malicious code upon detection.DISA STIG Palo Alto ALG v3r2Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

Passwords stored in 'secrets' are not visibleTNS Citrix HypervisorUnix

IDENTIFICATION AND AUTHENTICATION

SonicWALL - AAA - RADIUS server is trustedTNS SonicWALL v5.9SonicWALL

CONFIGURATION MANAGEMENT

SonicWALL - Content Filtering On - LANTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Disable insecure services - HTTPTNS SonicWALL v5.9SonicWALL
SonicWALL - Flood Protection - Layer 2 - ThresholdTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 2 - WAN machinesTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Enforce complianceTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Handshake enforcementTNS SonicWALL v5.9SonicWALL
SonicWALL - Flood Protection - TCP - Max Seg LifetimeTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Timeout <= 5 minutesTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - IDP ON - DMZTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - IDP ON - WANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Log Alert Emails - EnabledTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - Logging Level - InformationTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - Login Banner - Wireless ZoneTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Password Policy - Affected User types - full-adminsTNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - minimum length >= 8TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - Password Uniqueness >= 10TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - User Lockout - EnabledTNS SonicWALL v5.9SonicWALL
SonicWALL - PW Policy - Lockout Duration - >= 5 minutesTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Review the DNS Server SettingsTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - SNMP Community Name - 'public' or 'private'TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - SSL Control ON - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - SSL Control ON - WANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Syslog server - >=1 server configuredTNS SonicWALL v5.9SonicWALL
SonicWALL - Use non default admin access ports - HTTPTNS SonicWALL v5.9SonicWALL

CONFIGURATION MANAGEMENT

XenServer - Enable only necessary and secure services, protocols, daemons - 'lwsmd'TNS Citrix XenServerUnix

CONFIGURATION MANAGEMENT

XenServer - Enable port locking by default on the VM guest networkTNS Citrix XenServerUnix
XenServer - Enable remote syslogTNS Citrix XenServerUnix

AUDIT AND ACCOUNTABILITY

XenServer - Ensure IP forwarding is disabledTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

XenServer - External authentication is disabledTNS Citrix XenServerUnix
XenServer - Identify a network interface to be used for storage accessTNS Citrix XenServerUnix

CONFIGURATION MANAGEMENT

XenServer - Install a trusted CA certificate on the poolTNS Citrix XenServerUnix
XenServer - Restrict allowed IPv6 addresses used by each VM guestTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

XenServer - Snapshots are not presentTNS Citrix XenServerUnix