Detections
Analytics

Item Search

NameAudit NamePluginCategory
6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 6 v1.2.0 L1 MongoDBUnix

CONFIGURATION MANAGEMENT

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 7 v1.2.0 L1 UnixUnix

CONFIGURATION MANAGEMENT

9.12 Set 'Turn off Crash Detection' to 'Enabled'CIS IE 10 v1.1.0Windows

CONFIGURATION MANAGEMENT

18.10.42.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

Auto-start is not enabledTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

CIS_Microsoft_Windows_Server_2022_Stand-alone_v1.0.0_L1_MS.audit from CIS Microsoft Windows Server 2022 Stand-alone Benchmark v1.0.0CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows
CIS_Microsoft_Windows_Server_2022_Stand-alone_v1.0.0_L2_MS.audit from CIS Microsoft Windows Server 2022 Stand-alone Benchmark v1.0.0CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MSWindows
Disable promiscuous mode on all network interfacesTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

DTAM054 - McAfee VirusScan On-Demand scan must be configured to find unknown program threats.DISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM054 - McAfee VirusScan On-Demand scan must be configured to find unknown program threats.DISA McAfee VirusScan 8.8 Managed Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAM105 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown macro viruses.DISA McAfee VirusScan 8.8 Local Client STIG v6r1Windows

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

Enable only necessary and secure services, protocols, daemons - 'lwsmd'TNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

Enable QoS on all VM guestsTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IP forwarding is disabledTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

HP ProCurve - 'Enable SFTP'TNS HP ProCurveHPProCurve

SYSTEM AND COMMUNICATIONS PROTECTION

HP ProCurve - 'Secure Management VLAN is enabled'TNS HP ProCurveHPProCurve

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Identify a network interface to be used for storage accessTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

JUSX-IP-000013 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

ACCESS CONTROL

Snapshots are not presentTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - AAA - RADIUS server is trustedTNS SonicWALL v5.9SonicWALL

CONFIGURATION MANAGEMENT

SonicWALL - Content Filtering On - LANTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Disable insecure services - HTTPTNS SonicWALL v5.9SonicWALL
SonicWALL - Flood Protection - Layer 2 - ThresholdTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 2 - WAN machinesTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Enforce complianceTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Max Seg LifetimeTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Log Alert Emails - EnabledTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - Login Banner - Wireless ZoneTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - Password Policy - Affected User types - full-adminsTNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - minimum length >= 8TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - Password Uniqueness >= 10TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - User Lockout - EnabledTNS SonicWALL v5.9SonicWALL
SonicWALL - Review the DNS Server SettingsTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - SNMP Community Name - 'public' or 'private'TNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - SSL Control ON - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - SSL Control ON - WANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Syslog server - >=1 server configuredTNS SonicWALL v5.9SonicWALL
SonicWALL - Use non default admin access ports - HTTPTNS SonicWALL v5.9SonicWALL

CONFIGURATION MANAGEMENT

Use a static IP on the management network interfaceTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

XenServer - Enable only necessary and secure services, protocols, daemons - 'sshd'TNS Citrix XenServerUnix

CONFIGURATION MANAGEMENT

XenServer - Enable port locking by default on the VM guest networkTNS Citrix XenServerUnix
XenServer - Enable remote syslogTNS Citrix XenServerUnix

AUDIT AND ACCOUNTABILITY

XenServer - Ensure IP forwarding is disabledTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

XenServer - Identify a network interface to be used for storage accessTNS Citrix XenServerUnix

CONFIGURATION MANAGEMENT

XenServer - Install a trusted CA certificate on the poolTNS Citrix XenServerUnix