Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.3.6.7 Set 'Interactive logon: Prompt user to change password before expiration' to '14 or more day(s)'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.1.15 Ensure nodev option set on /dev/shm partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2.4.2.2.23 Configure 'Configure TPM platform validation profile for BIOS-based firmware configurations'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.2.14 Ensure that the admission control plugin NamespaceLifecycle is setCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.4.2 Ensure authentication required for single user mode - rescue.serviceCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.1 Ensure core dumps are restricted - sysctlCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.2 Ensure core dumps are restrictedCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2 Configure 'Prevent Codec Download'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

3.8 Ensure Loopback interface address is setCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

4.1.3.9 Ensure discretionary access control permission modification events are collectedCIS CentOS Linux 8 Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.3.10 Ensure successful file system mounts are collectedCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.5.2 Ensure RIP is set to check for zero values in reserved fieldsCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

4.6.2 Ensure BFD Authentication is Not Set to Loose-CheckCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

5.2 Use LockOut RealmsCIS Apache Tomcat 11 v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

5.7.3 Apply Security Context to Your Pods and ContainersCIS Kubernetes v1.20 Benchmark v1.0.1 L2 MasterUnix

CONFIGURATION MANAGEMENT

6.5.1 Ensure ICMPv4 rate-limit is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

6.5.5 Ensure TCP RST is Set to DisabledCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.6.10 Ensure at least 4 set changes in local passwordsCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.6.11 Ensure local passwords are at least 10 charactersCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.19 Ensure Hostname is Not Set to Device Make or ModelCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.20 Ensure Default Address Selection is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

7.1 Ensure that the minimum number of manager nodes have been created in a swarmCIS Docker v1.8.0 L1 Docker SwarmUnix

CONFIGURATION MANAGEMENT

7.4 Ensure that Docker's secret management commands are used for managing secrets in a swarm clusterCIS Docker v1.8.0 L1 Docker SwarmUnix

CONFIGURATION MANAGEMENT

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.5.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.5.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

18.5.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.5.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.5.6 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.5.6 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

CONFIGURATION MANAGEMENT

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.95.2 Ensure 'Turn on PowerShell Transcription' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

CONFIGURATION MANAGEMENT

19.7.44.2.1 Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT