Item Search

NameAudit NamePluginCategory
1.1.2 Ensure 'Enable Password' is setCIS Cisco Firewall v8.x L1 v4.2.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.2 Ensure 'Enable Password' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Ensure NIST FIPS-validated cryptography is configured - enabledCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Ensure NIST FIPS-validated cryptography is configured - grubCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Ensure NIST FIPS-validated cryptography is configured - installedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.021 - Software certificate installation files must be removed from a system.DISA Windows 7 STIG v1r32Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.021 - Software certificate installation files must be removed from Windows 2008 R2.DISA Windows Server 2008 R2 MS STIG v1r33Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.021 - Software certificate installation files must be removed from Windows 2008 R2.DISA Windows Server 2008 R2 DC STIG v1r34Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.021 - Software certificate installation files must be removed from Windows 2008.DISA Windows Server 2008 MS STIG v6r46Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.021 - Software certificate installation files must be removed from Windows 2008.DISA Windows Server 2008 DC STIG v6r47Windows

SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Disable 'nobody' Access for RPC Encryption Key Storage ServiceCIS Solaris 11 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Disable "nobody" Access for RPC Encryption Key Storage ServiceCIS Solaris 11.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Ensure 'sslProtocol' is Configured Correctly for Secure ConnectorsCIS Apache Tomcat 10 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Ensure 'sslProtocol' is Configured Correctly for Secure ConnectorsCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Ensure 'sslProtocol' is Configured Correctly for Secure ConnectorsCIS Apache Tomcat 9 L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Ensure 'sslProtocol' is Configured Correctly for Secure ConnectorsCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Ensure SSL Protocol is set to TLS for Secure Connectors - verify sslProtocol is set to TLSCIS Apache Tomcat 8 L1 v1.1.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Ensure SSL Protocol is set to TLS for Secure Connectors - verify sslProtocol is set to TLSCIS Apache Tomcat 8 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Disable 'nobody' access for secure RPC, Check if 'ENABLE_NOBODY_KEYS' is set to No in /etc/default/keyserv (Solaris 9)CIS Solaris 9 v1.3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.DISA STIG Apache Server 2.4 Unix Site v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.DISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies.DISA STIG Apache Server 2.4 Unix Site v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies.DISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

BIND-9X-001134 - On the BIND 9.x server the private keys corresponding to both the ZSK and the KSK must not be kept on the BIND 9.x DNSSEC-aware primary authoritative name server when the name server does not support dynamic updates.DISA BIND 9.x STIG v1r9Unix

SYSTEM AND COMMUNICATIONS PROTECTION

BIND-9X-001134 - On the BIND 9.x server the private keys corresponding to both the ZSK and the KSK must not be kept on the BIND 9.x DNSSEC-aware primary authoritative name server when the name server does not support dynamic updates.DISA BIND 9.x STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-002620 - Kubernetes API Server must disable basic authentication to protect information in transit.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-002630 - Kubernetes API Server must disable token authentication to protect information in transit.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-002640 - Kubernetes endpoints must use approved organizational certificate and key pair to protect information in transit.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI015 - IE Warning of invalid certificates - 'WarnOnBadCertRecving=1'.DISA STIG IE 9 v1r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI015 - The Internet Explorer warning about certificate address mismatch must be enforced.DISA STIG IE 10 V1R16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI015-IE11 - The Internet Explorer warning about certificate address mismatch must be enforced.DISA STIG IE 11 v1r18Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI015-IE11 - The Internet Explorer warning about certificate address mismatch must be enforced.DISA STIG IE 11 v1r19Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI015-IE11 - The Internet Explorer warning about certificate address mismatch must be enforced.DISA STIG IE 11 v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO316 - Outlook minimum encryption key length settings must be set.DISA STIG Microsoft Outlook 2013 v1r12Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO316 - Outlook minimum encryption key length settings must be set.DISA STIG Microsoft Outlook 2016 v1r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO316 - Outlook minimum encryption key length settings must be set.DISA STIG Microsoft Outlook 2016 v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EC2: DescribeKeyPairs - 'Key names currently in use'Tenable AWS Best Practice Auditamazon_aws

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

HIPAA 164.312(a)(2)(iv) - Encryption and Decryption (A)HIPAA Windows AuditWindows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

PANW-NM-000145 - The Palo Alto Networks security platform must authenticate Network Time Protocol sources - 'Primary NTP Server'DISA STIG Palo Alto NDM v1r4Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

PANW-NM-000145 - The Palo Alto Networks security platform must authenticate Network Time Protocol sources - 'Secondary NTP Server'DISA STIG Palo Alto NDM v1r4Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-040320 - The nobody access for RPC encryption key storage service must be disabled.DISA STIG Solaris 11 SPARC v2r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-040320 - The nobody access for RPC encryption key storage service must be disabled.DISA STIG Solaris 11 SPARC v2r4Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-040320 - The nobody access for RPC encryption key storage service must be disabled.DISA STIG Solaris 11 X86 v2r4Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Web Interface - Does not use self-signed certTNS SonicWALL v5.8 Best PracticesSonicWALL

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN08-GE-000020 - Software certificate installation files must be removed from a system.DISA Windows 8/8.1 STIG v1r23Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN16-00-000270 - Software certificate installation files must be removed from Windows Server 2016.DISA Windows Server 2016 STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN16-00-000270 - Software certificate installation files must be removed from Windows Server 2016.DISA Windows Server 2016 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN16-PK-000020 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - DoD Root CA 2DISA Windows Server 2016 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN19-00-000240 - Windows Server 2019 must have software certificate installation files removed.DISA Windows Server 2019 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN19-00-000240 - Windows Server 2019 must have software certificate installation files removed.DISA Windows Server 2019 STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION