Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.5 Ensure Row Level Security (RLS) is configured correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

ACLs: Filter for RFC 3330 addresses (192.0.2.0/24)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (240.0.0.0/4)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

Authentication: local authentication is available as a last resortTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

BGP: Disable Capability NegotiationTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Admin password lockout >= 300 secondsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Admin SCP - 'disabled'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Alert Emails - 'admin address'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

Fortigate - Antispam License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable auto USB installation - 'config'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Does not use self-signed certificate - 'user'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - External Logging - 'fortianalyzer2'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Login Banner - post-login-bannerTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Password Complexity - 1 uppercase letterTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Complexity - at least 1 charTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Complexity - length >= 8TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Password Expiry date <= 30 daysTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - RADIUS, LDAP, or TACACS+ response wait periodTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - SNMP is enabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - SNMP v3 uses SHA instead of MD5TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Syslog2 Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Syslogd Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Use non default admin access ports - 'HTTPS'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Webfilter License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Password Complexity: Require a minimum length of 8 charactersTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : AuthConfig - 'Auth Providers = Facebook'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Key'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Key'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Issuer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Default Scope'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - No SSO Auth Providers have been configuredTNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : CronTrigger - 'Cron Jobs with Status of BLOCKED'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'AddressInactiveAction != 2'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'FunctionInactiveAction != 2'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Monitoring Login History - 'Inactive System Administrators'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'Minimum 1 day password lifetime'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Password Policies - 'Obscure secret answer for password resets = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Password Policies - 'passwords expire >= 90'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup Salesforce pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Review Apex Mobile User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Call Center Auto-Login Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Chatter Answers Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Offline User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce Knowledge Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
SNMP: Use SNMPv3 onlyTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

Time: System has a primary NTP server setTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

TiMOS/SR-OS : OS Version is up to dateTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT