Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure that the API server pod specification file permissions are set to 600 or more restrictive	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.4 Ensure nosuid option set on /tmp partition	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.15 Ensure that the scheduler.conf file permissions are set to 600 or more restrictive	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.16 Ensure nosuid option set on /dev/shm partition	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.18 Ensure nodev option set on removable media partitions	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.18 Ensure nodev option set on removable media partitions	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.19 Ensure nosuid option set on removable media partitions	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.19 Ensure nosuid option set on removable media partitions	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.23 Ensure that the --service-account-lookup argument is set to true	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.5.1.5 Ensure permissions on /etc/issue are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.2 Ensure extension directory has appropriate ownership and permissions	CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.2 Ensure extension directory has appropriate ownership and permissions	CIS PostgreSQL 13 OS v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.2 Ensure extension directory has appropriate ownership and permissions	CIS PostgreSQL 14 OS v 1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.3.19.4 (L1) Ensure 'Never allow users to specify groups when restricting permission for documents' is set to 'Enabled'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.3.19.5 (L1) Ensure 'Prevent users from changing permissions on rights managed content' is set to 'Disabled'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.5.1.2.1 (L1) Ensure 'Do not allow users to change permissions on folders' is set to 'Enabled'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.5.1.2.2 Ensure 'Do not allow users to change permissions on folders' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.5.10.8.1.2.1 (L1) Ensure 'Access to published calendars' is set to 'Enabled'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.5.10.8.1.2.1 Ensure 'Access to published calendars' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	ACCESS CONTROL, MEDIA PROTECTION
3.1.2 Secure Ppermissions for Default Database File Path (DFTDBPATH)	CIS IBM DB2 11 v1.1.0 Windows OS Level 1	Windows	ACCESS CONTROL, MEDIA PROTECTION
3.2 Ensure world writable directories have the SVTX bit set	CIS IBM AIX 7 v1.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
3.2.3 Disable Grants During Restore (DB2_RESTORE_GRANT_ADMIN_AUTHORITIES)	CIS IBM DB2 11 v1.1.0 Linux OS Level 1	Unix	ACCESS CONTROL, MEDIA PROTECTION
3.2.4 Enable Extended Security (DB2_EXTSECURITY)	CIS IBM DB2 11 v1.1.0 Windows OS Level 1	Windows	ACCESS CONTROL, MEDIA PROTECTION
4.1.1 Ensure that the kubelet service file permissions are set to 600 or more restrictive	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.5 Ensure that the --kubeconfig kubelet.conf file permissions are set to 600 or more restrictive	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.6 Secure Permissions for the Secondary Archive Log Location (LOGARCHMETH2)	CIS IBM DB2 11 v1.1.0 Linux OS Level 1	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.7 Ensure that the certificate authorities file permissions are set to 600 or more restrictive	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.7 Secure Permissions for the Tertiary Archive Log Location (FAILARCHPATH)	CIS IBM DB2 11 v1.1.0 Linux OS Level 1	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.9 Ensure that the kubelet --config configuration file has permissions set to 600 or more restrictive	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.14 Specify a Secure Location for External Tables (EXTBL_LOCATION)	CIS IBM DB2 11 v1.1.0 Windows OS Level 1	Windows	ACCESS CONTROL, MEDIA PROTECTION
4.2.1 Ensure that the --anonymous-auth argument is set to false	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.2.2 Ensure that the --authorization-mode argument is not set to AlwaysAllow	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.3.1 (L1) Ensure a dynamic group for guest users is created	CIS Microsoft 365 Foundations v5.0.0 L1 E3	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
5.1.3.1 (L1) Ensure a dynamic group for guest users is created	CIS Microsoft 365 Foundations v5.0.0 L1 E5	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure cron is restricted to authorized users	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure cron is restricted to authorized users	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.6 Ensure access to the su command is restricted - /etc/group	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.6 Ensure access to the su command is restricted - /etc/group	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.6 Ensure access to the su command is restricted - /etc/pam.d/su	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values	CIS Amazon Linux 2 STIG v2.0.0 STIG	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.2.3 (L1) Ensure external content sharing is restricted	CIS Microsoft 365 Foundations v5.0.0 L1 E3	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
7.2.3 (L1) Ensure external content sharing is restricted	CIS Microsoft 365 Foundations v5.0.0 L1 E5	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
7.2.7 (L1) Ensure link sharing is restricted in SharePoint and OneDrive	CIS Microsoft 365 Foundations v5.0.0 L1 E3	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
7.2.7 (L1) Ensure link sharing is restricted in SharePoint and OneDrive	CIS Microsoft 365 Foundations v5.0.0 L1 E5	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
9.1.7 (L1) Ensure shareable links are restricted	CIS Microsoft 365 Foundations v5.0.0 L1 E3	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
9.1.7 (L1) Ensure shareable links are restricted	CIS Microsoft 365 Foundations v5.0.0 L1 E5	microsoft_azure	ACCESS CONTROL, MEDIA PROTECTION
10.2 Allowlist Approved Servers Belonging to a MySQL InnoDB Cluster	CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database	MySQLDB	ACCESS CONTROL, MEDIA PROTECTION

Detections

Analytics

Item Search