Item Search

Name	Audit Name	Plugin	Category
2.0 Install & Config - 'Disable FTP'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
2.1.1 Disable Bluetooth, if no paired devices exist	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix
2.1.1 Disable Bluetooth, if no paired devices exist - Bluetooth is paired	CIS Apple OSX 10.11 El Capitan L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
2.8 Ensure monitoring and alerting exists for new share exposures	CIS Snowflake Foundations v1.0.0 L1	Snowflake	AUDIT AND ACCOUNTABILITY
3.2 Data ONTAP (Software) Mgmt - 'Set SSH login banner'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
5.1 MultiStore - 'MultiStore protocol is disabled'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
5.2 SnapMirror - 'replication.throttle.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.2 SnapMirror - 'snapmirror.allow file should be reviewed'	TNS NetApp Data ONTAP 7G	NetApp
5.3 SnapVault - 'SnapVault protocol is disabled'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured'	TNS NetApp Data ONTAP 7G	NetApp	AUDIT AND ACCOUNTABILITY
5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
5.4 CIFS - 'cifs.smb2.signing.required = on'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.4 CIFS - 'dns.update.enable = on or secure'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.4 CIFS - 'ldap.security.level = 1 or 2'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.4 CIFS - 'ldap.ssl.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.4 CIFS - 'timed.servers has been configured'	TNS NetApp Data ONTAP 7G	NetApp	AUDIT AND ACCOUNTABILITY
5.5 NFS - 'nfs.kerberos.file_keytab.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.5 NFS - 'nfs.v4.write_delegation = on'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
6.1 Restrict Access to SYSCAT.AUDITPOLICIES	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB	IBM_DB2DB	ACCESS CONTROL
6.1 Restrict Access to SYSCAT.AUDITPOLICIES	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB	IBM_DB2DB	ACCESS CONTROL
AIX7-00-002144 - The AIX /etc/syslog.conf file must be owned by root.	DISA STIG AIX 7.x v3r1	Unix	CONFIGURATION MANAGEMENT
AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system.	DISA STIG AIX 7.x v3r1	Unix	CONFIGURATION MANAGEMENT
AIX7-00-002146 - The AIX /etc/syslog.conf file must have a mode of 0640 or less permissive.	DISA STIG AIX 7.x v3r1	Unix	CONFIGURATION MANAGEMENT
ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.	DISA CloudLinux AlmaLinux OS 9 STIG v1r3	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
APPL-15-003080 - The macOS system must disable accounts after 35 days of inactivity.	DISA Apple macOS 15 Sequoia STIG v1r5	Unix	ACCESS CONTROL
BIND-9X-001041 - The BIND 9.x server implementation must be configured with a channel to send audit records to a local file.	DISA BIND 9.x STIG v2r3	Unix	AUDIT AND ACCOUNTABILITY
BIND-9X-001042 - The BIND 9.x server implementation must maintain at least 3 file versions of the local log file.	DISA BIND 9.x STIG v2r3	Unix	AUDIT AND ACCOUNTABILITY
Brocade - Bottleneck alerts must be enabled	Tenable Best Practices Brocade FabricOS	Brocade	AUDIT AND ACCOUNTABILITY
F5BI-AP-300041 - The F5 BIG-IP appliance that provides intermediary services for SMTP must inspect inbound and outbound SMTP and Extended SMTP communications traffic for protocol compliance and protocol anomalies.	DISA F5 BIG-IP TMOS ALG STIG v1r2	F5	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
F5BI-LT-000303 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound SMTP and Extended SMTP communications traffic to virtual servers.	DISA F5 BIG-IP Local Traffic Manager STIG v2r4	F5	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
FireEye - Login banner	TNS FireEye	FireEye	ACCESS CONTROL
FireEye - Usernames admin list	TNS FireEye	FireEye	ACCESS CONTROL
FireEye - Usernames list	TNS FireEye	FireEye	ACCESS CONTROL
FireEye - Web-analysis incident list	TNS FireEye	FireEye	AUDIT AND ACCOUNTABILITY
JUSX-IP-000009 - The Juniper Networks SRX Series Gateway IDPS must block any prohibited mobile code at the enclave boundary when it is detected.	DISA Juniper SRX Services Gateway IDPS v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUSX-VN-000008 - The Juniper SRX Services Gateway VPN must be configured to use IPsec with SHA256 or greater to negotiate hashing to protect the integrity of remote access sessions.	DISA Juniper SRX Services Gateway VPN v3r2	Juniper	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
OL09-00-000300 - OL 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.	DISA Oracle Linux 9 STIG v1r3	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
PANW-AG-000062 - The Palo Alto Networks security platform must drop malicious code upon detection.	DISA STIG Palo Alto ALG v3r4	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
PANW-IP-000043 - The Palo Alto Networks security platform must use a Vulnerability Protection Profile that blocks any critical, high, or medium threats.	DISA STIG Palo Alto IDPS v3r2	Palo_Alto	SYSTEM AND COMMUNICATIONS PROTECTION
RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - hipclient process	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	CONFIGURATION MANAGEMENT
RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - MFEhiplsm	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	CONFIGURATION MANAGEMENT
SLES-12-010510 - The SUSE operating system must notify the System Administrator (SA) when AIDE discovers anomalies in the operation of any security functions.	DISA SLES 12 STIG v3r3	Unix	SYSTEM AND INFORMATION INTEGRITY
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Review Proxies	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Internal	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
SYMP-AG-000660 - Symantec ProxySG providing content filtering must send an alert to, at a minimum, the ISSO and ISSM when detection events occur.	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	SYSTEM AND INFORMATION INTEGRITY
UBTU-24-100840 - Ubuntu 24.04 LTS SSH server must be configured to use only FIPS 140-3 validated key exchange algorithms.	DISA Canonical Ubuntu 24.04 LTS STIG v1r2	Unix	ACCESS CONTROL
WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access Log	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	AUDIT AND ACCOUNTABILITY
WN12-CC-000065 - The detection of compatibility issues for applications and drivers must be turned off.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN19-00-000120 - Windows Server 2019 must have a host-based intrusion detection or prevention system.	DISA Microsoft Windows Server 2019 STIG v3r5	Windows	CONFIGURATION MANAGEMENT
WN22-00-000120 - Windows Server 2022 must have a host-based intrusion detection or prevention system.	DISA Microsoft Windows Server 2022 STIG v2r5	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search