Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.3.1 Restrict Access to SYSIBM.SYSAUDITPOLICIESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

6.1 Restrict Access to SYSCAT.AUDITPOLICIESCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DBIBM_DB2DB

ACCESS CONTROL

6.1 Restrict Access to SYSCAT.AUDITPOLICIESCIS IBM DB2 9 Benchmark v3.0.1 Level 2 DBIBM_DB2DB

ACCESS CONTROL

9.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On'CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

RISK ASSESSMENT

AIX7-00-002144 - The AIX /etc/syslog.conf file must be owned by root.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers.DISA F5 BIG-IP Local Traffic Manager STIG v2r4F5

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - AAA user mapping sourceTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - FENet patch updates are applied automaticallyTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - FireEye Web MPS versionTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - Greylist URL listTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Inline blocking mode configurationTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Inline blocking network whitelistsTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Inline blocking signature policy exceptionsTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - IPMI is enabledTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - List patchesTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - Workorder statsTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

JUSX-AG-000146 - The Juniper SRX Services Gateway Firewall must generate an alert to, at a minimum, the ISSO and ISSM when unusual/unauthorized activities or conditions are detected during continuous monitoring of communications traffic as it traverses inbound or outbound across internal security boundaries.DISA Juniper SRX Services Gateway ALG v3r2Juniper

SYSTEM AND INFORMATION INTEGRITY

JUSX-IP-000009 - The Juniper Networks SRX Series Gateway IDPS must block any prohibited mobile code at the enclave boundary when it is detected.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-040300 - The OL 8 file integrity tool must be configured to verify extended attributes.DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040300 - The RHEL 8 file integrity tool must be configured to verify extended attributes.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

SLES-12-010510 - The SUSE operating system must notify the System Administrator (SA) when AIDE discovers anomalies in the operation of any security functions.DISA SLES 12 STIG v3r2Unix

SYSTEM AND INFORMATION INTEGRITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 105'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 109'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 110'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 111'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 113'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 116'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 117'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 118'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 128'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 129'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 130'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 131'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 134'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 135'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 152'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 171'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 172'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 175'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 177'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 178'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP NotificationOracle WebLogic Server 12c Linux v2r2Unix

AUDIT AND ACCOUNTABILITY

WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN19-00-000120 - Windows Server 2019 must have a host-based intrusion detection or prevention system.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT