Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.16 Ensure all S3 buckets have policy to require server-side and in transit encryption for all objects stored in bucket.CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is disabledCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is pairedCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.8 Ensure monitoring and alerting exists for new share exposuresCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

3.1 Ensure each Auto-Scaling Group has an associated Elastic Load BalancerCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

3.7 Ensure Relational Database Service backup retention policy is setCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONTINGENCY PLANNING

4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling GroupsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

4.2 Ensure a SNS topic is created for sending out notifications from RDS eventsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

5.1 Ensure all resources are correctly taggedCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

5.2 Ensure AWS Elastic Load Balancer logging is enabledCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

Big Sur - Disable Accounts after 35 Days of InactivityNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Disable Accounts after 35 Days of InactivityNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Disable Accounts after 35 Days of InactivityNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Accounts after 35 Days of InactivityNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Accounts after 35 Days of InactivityNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Accounts after 35 Days of InactivityNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Accounts after 35 Days of InactivityNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

F5BI-AP-300042 - The F5 BIG-IP appliance that intermediary services for FTP must inspect inbound and outbound FTP communications traffic for protocol compliance and protocol anomalies.DISA F5 BIG-IP TMOS ALG STIG v1r2F5

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-LT-000305 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound FTP and FTPS communications traffic to virtual servers.DISA F5 BIG-IP Local Traffic Manager STIG v2r4F5

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - AAA LDAP binding user should not be an adminTNS FireEyeFireEye

ACCESS CONTROL

FireEye - AAA user mapping sourceTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - FENet patch updates are applied automaticallyTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - FireEye Web MPS versionTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - Greylist URL listTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Inline blocking mode configurationTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Inline blocking network whitelistsTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Inline blocking signature policy exceptionsTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Interface configurationTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - IPMI is enabledTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - List patchesTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - Login bannerTNS FireEyeFireEye

ACCESS CONTROL

FireEye - Usernames admin listTNS FireEyeFireEye

ACCESS CONTROL

FireEye - Usernames listTNS FireEyeFireEye

ACCESS CONTROL

FireEye - Workorder statsTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Accounts after 35 Days of InactivityNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Forwarding HostDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Review ProxiesDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - ExplicitDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - ExternalDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - InternalDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000660 - Symantec ProxySG providing content filtering must send an alert to, at a minimum, the ISSO and ISSM when detection events occur.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND INFORMATION INTEGRITY

WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access LogOracle WebLogic Server 12c Linux v2r2Unix

AUDIT AND ACCOUNTABILITY

WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access LogOracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events.Oracle WebLogic Server 12c Windows v2r2Windows

AUDIT AND ACCOUNTABILITY