Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.11 Disable Apache services - Make sure that network/http:apache2 is disabled.CIS Solaris 10 L1 v5.2Unix
3.7 Only enable Windows-compatibility servers if absolutely necessary - Ensure file /etc/rc3.d/S90samba does NOT exist.CIS Solaris 9 v1.3Unix

CONFIGURATION MANAGEMENT

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 11 v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 10.1 v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 7 L1 v1.1.0Unix

ACCESS CONTROL

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 7 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 8 L1 v1.1.0Unix

ACCESS CONTROL

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 8 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 8 L1 v1.1.0Unix

ACCESS CONTROL

5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteEngine = on'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

SYSTEM AND INFORMATION INTEGRITY

8.3 Ensure All Default Apache Content Is Removed - 'httpd.conf Alias /icons/ /var/www/icons/ does not exists'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

8.3 Ensure All Default Apache Content Is Removed - 'httpd.conf Include conf/extra/httpd-autoindex.conf does not exists'CIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

8.3 Ensure All Default Apache Content Is Removed - 'httpd.conf Include conf/extra/httpd-autoindex.conf does not exists'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

CONFIGURATION MANAGEMENT

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in productionCIS Apache Tomcat 10.1 v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in productionCIS Apache Tomcat 11 v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

18.9.69.3 (L2) Ensure 'Turn off the Store application' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

CONFIGURATION MANAGEMENT

20.34 Ensure 'Manually managed application account passwords are 14 characters in length'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.34 Ensure 'Manually managed application account passwords are 14 characters in length'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - MaxKeepAliveRequestsDISA STIG Apache Server 2.4 Unix Server v3r1 MiddlewareUnix

ACCESS CONTROL

AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.DISA STIG Apache Server 2.4 Unix Server v3r1Unix

ACCESS CONTROL

AS24-U2-000470 - Cookies exchanged between the Apache web server and client, such as session cookies, must have security settings that disallow cookie access outside the originating Apache web server and hosted application.DISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

ACCESS CONTROL

AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL

AS24-W1-000280 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000280 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000820 - The Apache web server must be protected from being stopped by a non-privileged user.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000820 - The Apache web server must be protected from being stopped by a non-privileged user.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000940 - All accounts installed with the Apache web server software and tools must have passwords assigned and default passwords changed.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

CONFIGURATION MANAGEMENT

AS24-W1-000940 - All accounts installed with the Apache web server software and tools must have passwords assigned and default passwords changed.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT

AS24-W2-000830 - The Apache web server must be tuned to handle the operational requirements of the hosted application.DISA STIG Apache Server 2.4 Windows Site v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DISA_F5_BIG-IP_AFM_v2r2.audit from DISA F5 BIG-IP Advanced Firewall Manager v2r2 STIGDISA F5 BIG-IP Advanced Firewall Manager STIG v2r2F5
DISA_F5_BIG-IP_APM_v2r4.audit from DISA F5 BIG-IP Access Policy Manager v2r4 STIGDISA F5 BIG-IP Access Policy Manager STIG v2r4F5
DISA_F5_BIG-IP_LTM_v2r4.audit from DISA F5 BIG-IP Local Traffic Manager v2r4 STIGDISA F5 BIG-IP Local Traffic Manager STIG v2r4F5
DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_DTR_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIGDISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2Unix
DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIGDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix
DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIGDISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
DISA_STIG_Microsoft_Excel_2010_v1r11.audit for Microsoft Excel 2010, from DISA STIG Microsoft Excel 2010 v1r11DISA STIG Office 2010 Excel v1r11Windows
DISA_STIG_Microsoft_PowerPoint_2016_v1r1.audit for Microsoft PowerPoint 2016, from DISA STIG Microsoft PowerPoint 2016 v1r1DISA STIG Microsoft PowerPoint 2016 v1r1Windows
DISA_STIG_Microsoft_Project_2016_v1r1.audit for Microsoft Project 2016, from DISA STIG Microsoft Project 2016 v1r1DISA STIG Microsoft Project 2016 v1r1Windows
DISA_STIG_Microsoft_Word_2016_v1r1.audit for Microsoft Word 2016, from DISA STIG Microsoft Word 2016 v1r1DISA STIG Microsoft Word 2016 v1r1Windows
DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r4.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r4 STIGDISA STIG VMware vSphere 7.0 Photon OS v1r4Unix
DISA_STIG_Windows_Firewall_v2r2.audit from DISA Microsoft Windows Defender Firewall with Advanced Security v2r2 STIGDISA Microsoft Windows Firewall v2r2Windows
EX19-ED-000122 - Active hyperlinks in messages from non .mil domains must be rendered unclickable.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

SYSTEM AND INFORMATION INTEGRITY

VCFL-67-000020 - vSphere Client must limit the number of allowed connections.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VCST-67-000010 - The Security Token Service must not be configured with unused realms.DISA STIG VMware vSphere 6.7 STS Tomcat v1r3Unix

CONFIGURATION MANAGEMENT