Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.8 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4 Verify That the MYSQL_PWD Environment Variable is Not in UseCIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.3 Set 'username secret' for all local usersCIS Cisco IOS XE 17.x v2.1.1 L1Cisco

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Verify That 'MYSQL_PWD' is Not Set in Users' ProfilesCIS MySQL 8.0 Community Linux OS L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.1.1 Ensure Critical Data is Encrypted with Microsoft Managed Keys (MMK)CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure Binary and Relay Logs are EncryptedCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure that encryption-at-rest is enabled for RDS instancesCIS Amazon Web Services Foundations v5.0.0 L1amazon_aws

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 (L2) Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Microsoft Windows 10 Stand-alone v3.0.0 L2 NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authentication - DefaultCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'passwordFormat' is not set to clear - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure rotation for customer-created symmetric CMKs is enabledCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.3.3 Ensure pam_pwhistory includes use_authtokCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Red Hat EL8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.4 Ensure pam_unix includes use_authtokCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Oracle Linux 8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Red Hat EL8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure Kubernetes Secrets are encrypted using keys managed in Cloud KMSCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwordsCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.9.1 Enable Customer-Managed Encryption Keys (CMEK) for GKE Persistent Disks (PD)CIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensured 'HashPassword' is set in UsernameToken WS-Security policyCIS IBM WebSphere Liberty v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Ensure CallbackHandler is used to access private keys in keystore filesCIS IBM WebSphere Liberty v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.5 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.5 Ensure 'WDigest Authentication' is set to 'Disabled' - DisabledCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.6 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.8 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION