Item Search

Name	Audit Name	Plugin	Category
2.4 Configure TCP Wrappers - Allow localhost.	CIS Solaris 10 L1 v5.2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Configure TCP Wrappers - Deny access to this server from all networks	CIS Solaris 10 L1 v5.2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Configure TCP Wrappers - enable tcp_wrappers for inetd	CIS Solaris 10 L1 v5.2	Unix
2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required.	CIS Solaris 10 L1 v5.2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist.	CIS Solaris 10 L1 v5.2	Unix	CONFIGURATION MANAGEMENT
2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist.	CIS Solaris 10 L1 v5.2	Unix	CONFIGURATION MANAGEMENT
3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.	CIS Solaris 10 L1 v5.2	Unix	SYSTEM AND INFORMATION INTEGRITY
4.2 Enable Auditing of Incoming Network Connections	CIS Oracle Solaris 11.4 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Auditing of File Metadata Modification Events	CIS Oracle Solaris 11.4 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlog	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.3 Enable Debug Level Daemon Logging/4.4 Capture syslog AUTH Messages - Check if svc:/system/system-log is online	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlog	CIS Solaris 10 L1 v5.2	Unix
4.4 Enable Auditing of Process and Privilege Events	CIS Oracle Solaris 11.4 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.9 Enable Kernel Level Auditing - Check audit condition is set to auditing	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.9 Enable Kernel Level Auditing - Check audit policies is set to arge,argv,cnt	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.9 Enable Kernel Level Auditing, Check if 'flags:lo,ad,cc' is set in /etc/security/audit_control.	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.9 Enable Kernel Level Auditing, Check if 'minfree:20' is set in /etc/security/audit_control.	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.9 Enable Kernel Level Auditing, Check if 'naflags:lo,ad,ex' is set in /etc/security/audit_control.	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
4.9 Enable Kernel Level Auditing, Check if 'root:lo,ad:no' is set in /etc/security/audit_user.	CIS Solaris 10 L1 v5.2	Unix	AUDIT AND ACCOUNTABILITY
6.1.1 Configure SSH - Check if Host * is set in /etc/ssh/ssh_config.	CIS Solaris 10 L1 v5.2	Unix	CONFIGURATION MANAGEMENT
6.9 Harden host operating system	CIS Sybase 15.0 L1 DB v1.1.0	SybaseDB
7.2 Set Password Expiration Parameters on Active Accounts - Check MAXWEEKS is set to 13	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.2 Set Password Expiration Parameters on Active Accounts - Check MINWEEKS is set to 1	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.2 Set Password Expiration Parameters on Active Accounts - Check WARNWEEKS is set to 4	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - Check DICTIONDBDIR is set to /var/passwd	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/words	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - Check MINUPPER is set to 1	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - Check PASSLENGTH is set to 8	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - MINALPHA is set to 2	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.3 Set Strong Password Creation Policies - WHITESPACE is set to YES	CIS Solaris 10 L1 v5.2	Unix	IDENTIFICATION AND AUTHENTICATION
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
7.9 Lock Inactive User Accounts - Check if definact is set to 35.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
8.2 Create Warning Banner for CDE Users - CDE package was not found	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is not set to default string.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
18.10.57.3.3.8 (L2) Ensure 'Restrict clipboard transfer from server to client' is set to 'Enabled: Disable clipboard transfers from server to client'	CIS Microsoft Windows Server 2025 v1.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.8 (L2) Ensure 'Restrict clipboard transfer from server to client' is set to 'Enabled: Disable clipboard transfers from server to client'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.8 (L2) Ensure 'Restrict clipboard transfer from server to client' is set to 'Enabled: Disable clipboard transfers from server to client'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.8 (L2) Ensure 'Restrict clipboard transfer from server to client' is set to 'Enabled: Disable clipboard transfers from server to client'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
AIOS-01-080006 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted.	AirWatch - DISA Apple iOS 10 v1r3	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
AIOS-12-010500 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted.	MobileIron - DISA Apple iOS 12 v2r1	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
AIOS-13-010500 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted.	MobileIron - DISA Apple iOS/iPadOS 13 v2r1	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
AIOS-16-010400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted.	MobileIron - DISA Apple iOS/iPadOS 16 v2r1	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
AIOS-16-710400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted.	AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
SQL6-D0-001900 - SQL Server must isolate security functions from non-security functions.	DISA STIG SQL Server 2016 Database Audit v3r2	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search