Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4 Set 'login authentication for 'line con 0'CIS Cisco IOS 12 L1 v4.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 4 L1 OS Windows v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 5 L1 OS Windows v1.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 7 v1.1.0 L1 MongoDBUnix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 6 v1.2.0 L1 MongoDBWindows

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - clusterAuthModeCIS MongoDB L2 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.13 Set 'Allow access to voicemail without requiring a PIN' to 'False'CIS Microsoft Exchange Server 2013 UM v1.1.0Windows

IDENTIFICATION AND AUTHENTICATION

4.4 Use Active Directory for local user authentication - Review DomainCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

5.2.2.2 (L1) Ensure multifactor authentication is enabled for all usersCIS Microsoft 365 Foundations v4.0.0 L1 E3microsoft_azure

IDENTIFICATION AND AUTHENTICATION

5.2.2.2 (L1) Ensure multifactor authentication is enabled for all usersCIS Microsoft 365 Foundations v4.0.0 L1 E5microsoft_azure

IDENTIFICATION AND AUTHENTICATION

5.2.3.4 (L1) Ensure all member users are 'MFA capable'CIS Microsoft 365 Foundations v4.0.0 L1 E5microsoft_azure

IDENTIFICATION AND AUTHENTICATION

5.2.3.4 (L1) Ensure all member users are 'MFA capable'CIS Microsoft 365 Foundations v4.0.0 L1 E3microsoft_azure

IDENTIFICATION AND AUTHENTICATION

5.3.2.5 Ensure pam_unix module is enabledCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.2.5 Ensure pam_unix module is enabledCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

6.1.3 Ensure that 'Allow users to remember multifactor authentication on devices they trust' is disabledCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION

6.2.4 Ensure no legacy '+' entries exist in /etc/groupCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.4 Ensure no legacy '+' entries exist in /etc/group - + entries exist in /etc/groupCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

IDENTIFICATION AND AUTHENTICATION

6.5 Ensure that 'Number of methods required to reset' is set to '2'CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION

20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT)' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT)' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.58 Ensure 'Shared user accounts do not exist'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.58 Ensure 'Shared user accounts do not exist' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

Big Sur - Disable Login to Other User's Active and Locked SessionsNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

IDENTIFICATION AND AUTHENTICATION

Big Sur - Disable Login to Other User's Active and Locked SessionsNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Login to Other User's Active and Locked SessionsNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Login to Other User's Active and Locked SessionsNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Login to Other User's Active and Locked SessionsNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Login to Other User's Active and Locked SessionsNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Password Authentication for SSHNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Disable Root LoginNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Root LoginNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION

HP ProCurve - 'Privilege mode is configured'TNS HP ProCurveHPProCurve

IDENTIFICATION AND AUTHENTICATION

Huawei: User Interfaces are AuthenticatedTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - AAA - audit loggingTenable Cisco Viptela SD-WAN - vManageCisco_Viptela

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - AAA - netconf loggingTenable Cisco Viptela SD-WAN - vEdgeCisco_Viptela

IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Login to Other User's Active and Locked SessionsNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Login to Other User's Active and Locked SessionsNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Root LoginNIST macOS Monterey v1.0.0 - 800-171Unix

IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Root LoginNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Root LoginNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION

Monterey - Enforce Smartcard AuthenticationNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION

Network Security - Set the source address for all route engine generated traffic - accounting tacplus-serverJuniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION

Restrict Unauthenticated RPC clientsMSCT Windows 11 v24H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

User Authentication Security - Centralized authentication - Configure accounting to trace activity and usageJuniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION

User Authentication Security - Centralized authentication - Configure multiple servers for resiliency - TACACS+Juniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION