Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.3.1 Restrict Access to SYSIBM.SYSAUDITPOLICIESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

6.1 Restrict Access to SYSCAT.AUDITPOLICIESCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DBIBM_DB2DB

ACCESS CONTROL

6.1 Restrict Access to SYSCAT.AUDITPOLICIESCIS IBM DB2 9 Benchmark v3.0.1 Level 2 DBIBM_DB2DB

ACCESS CONTROL

9.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On'CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

RISK ASSESSMENT

AIX7-00-002144 - The AIX /etc/syslog.conf file must be owned by root.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

AIX7-00-002146 - The AIX /etc/syslog.conf file must have a mode of 0640 or less permissive.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

BIND-9X-001041 - The BIND 9.x server implementation must be configured with a channel to send audit records to a local file.DISA BIND 9.x STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers.DISA F5 BIG-IP Local Traffic Manager STIG v2r4F5

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - AAA LDAP binding user should not be an adminTNS FireEyeFireEye

ACCESS CONTROL

FireEye - AAA user mapping sourceTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - FENet patch updates are applied automaticallyTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - FireEye Web MPS versionTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - Greylist URL listTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

FireEye - Inline blocking mode configurationTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Inline blocking network whitelistsTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - Inline blocking signature policy exceptionsTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - IPMI is enabledTNS FireEyeFireEye

CONFIGURATION MANAGEMENT

FireEye - List patchesTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - Workorder statsTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

JUSX-AG-000146 - The Juniper SRX Services Gateway Firewall must generate an alert to, at a minimum, the ISSO and ISSM when unusual/unauthorized activities or conditions are detected during continuous monitoring of communications traffic as it traverses inbound or outbound across internal security boundaries.DISA Juniper SRX Services Gateway ALG v3r2Juniper

SYSTEM AND INFORMATION INTEGRITY

JUSX-IP-000009 - The Juniper Networks SRX Series Gateway IDPS must block any prohibited mobile code at the enclave boundary when it is detected.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-040300 - The OL 8 file integrity tool must be configured to verify extended attributes.DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

PANW-IP-000043 - The Palo Alto Networks security platform must use a Vulnerability Protection Profile that blocks any critical, high, or medium threats.DISA STIG Palo Alto IDPS v3r1Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-040300 - The RHEL 8 file integrity tool must be configured to verify extended attributes.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

SLES-12-010510 - The SUSE operating system must notify the System Administrator (SA) when AIDE discovers anomalies in the operation of any security functions.DISA SLES 12 STIG v3r2Unix

SYSTEM AND INFORMATION INTEGRITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 109'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 110'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 113'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 117'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 118'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 128'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 129'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 134'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 135'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 152'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 171'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 172'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 175'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 177'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 178'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

UBTU-24-100840 - Ubuntu 24.04 LTS SSH server must be configured to use only FIPS 140-3 validated key exchange algorithms.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

ACCESS CONTROL

WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP NotificationOracle WebLogic Server 12c Linux v2r2Unix

AUDIT AND ACCOUNTABILITY

WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN19-00-000120 - Windows Server 2019 must have a host-based intrusion detection or prevention system.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT