Item Search

Name	Audit Name	Plugin	Category
1.2.4 Use https for kubelet connections	CIS Red Hat OpenShift Container Platform v1.7.0 L1	OpenShift	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.29 Ensure that the --client-ca-file argument is set as appropriate	CIS Red Hat OpenShift Container Platform v1.7.0 L1	OpenShift	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support	CIS AlmaLinux OS 9 v2.0.0 L1 Server	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6.3 Ensure system wide crypto policy is not set in sshd configuration	CIS SUSE Linux Enterprise 15 v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6.6 Ensure system wide crypto policy disables chacha20-poly1305 for ssh	CIS AlmaLinux OS 9 v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6.7 Ensure system wide crypto policy disables chacha20-poly1305 for ssh	CIS SUSE Linux Enterprise 15 v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.1 (L1) Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.2 Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.3 (L1) Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.8 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption' - Require NTLMv2 session security, Require 128-bit encryption	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher	CIS Microsoft Windows 11 Enterprise v4.0.0 L2	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption' - Require NTLMv2 session security, Require 128-bit encryption	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.11 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.3 Ensure 'log_error' Has Appropriate Permissions	CIS MySQL 8.0 Community Linux OS L1 v1.1.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.5 Ensure sshd Ciphers are configured	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.6 Ensure sshd Ciphers are configured	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.12 Ensure sshd KexAlgorithms is configured	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.12 Ensure sshd KexAlgorithms is configured	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.7.3.6 Ensure sshd Ciphers are configured	CIS IBM AIX 7 v1.0.0 L1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.2.12 Ensure sshd KexAlgorithms is configured	CIS SUSE Linux Enterprise 12 v3.2.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.3.1 (L1) Host iSCSI client, if enabled, must employ bidirectional/mutual CHAP authentication	CIS VMware ESXi 8.0 v1.1.0 L1	VMware	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 (L1) Virtual machines must require encryption for vMotion	CIS VMware ESXi 8.0 v1.1.0 L1	VMware	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2 Ensure 'ssl_type' is Set to 'ANY', 'X509', or 'SPECIFIED' for All Remote Users	CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database	MySQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
9.1 Ensure Replication Traffic is Secured	CIS MySQL 8.0 Community Database L1 v1.1.0	MySQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.1 Ensure All Group Replication Traffic is Secured	CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database	MySQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.4 Force SSL when accessing the manager application via HTTP	CIS Apache Tomcat 10.1 v1.1.0 L1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.25.3 (L1) Ensure 'Enable password encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.102.2.1 Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.102.2.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - Disabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search