Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1 Ensure 'extproc' Is Not EnabledCIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS WindowsWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1 Ensure 'extproc' Is Not EnabledCIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS UnixUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4 Ensure 'LOCAL_LISTENER' Is Set AppropriatelyCIS Oracle Server 11g R2 DB v2.2.0OracleDB
2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

3.4 Ensure SQL Authentication is not used in contained databasesCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

3.4 Ensure SQL Authentication is not used in contained databasesCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

3.10 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

IBM HTTP Server is installed and running on the systemTNS IBM HTTP Server Best PracticeUnix
Salesforce.com : AuthConfig - 'Auth Providers = Facebook Consumer Key'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Facebook Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Janrain Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Janrain Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Janrain Execution User ID'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Janrain is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Authorized Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Default Scope'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Execution User ID'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : CronTrigger - 'Cron Jobs with Status of ERROR'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'IsAuthenticationRequired = True'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Monitoring Login History - 'Inactive users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Monitoring Login History - 'No users are frozen'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Network-Based Security - 'Trusted IP Range has been defined'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Network-Based Security - 'Trusted IP Ranges exist'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Object Permissions - 'DefaultCalendarAccess should not be Show Details or Show Details and Add Events'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Object Permissions - 'DefaultCaseAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Object Permissions - 'DefaultContactAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'invalid login attempts <= 5'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'password history >= 3'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Session Security - 'Disable timeout warning = false'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Setting Session Security - 'Enable clickjack protection for setup pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Enable CSRF protection on GET requests on non-setup pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Force relogin after Login-As-User = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

SalesForce.com : Setting Session Security - 'Review Active Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
SalesForce.com : Setting Session Security - 'Review Inactive Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Users that have not changed their password recently'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL