Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of squashfs filesystems is disabledCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Debian Family Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.3 Harden the container hostCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.4 Use non-default account namesCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows

ACCESS CONTROL

1.4 Use non-default account namesCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix

ACCESS CONTROL

2.1.3 Ensure 'BGP authentication' is enabledCIS Cisco ASA 9.x Firewall L2 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Do not use the aufs storage driverCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.1.5 Secure permissions for default database file pathCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows
3.1.5 Secure permissions for default database file pathCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix
3.1.5 Secure permissions for default database file pathCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows
3.1.5 Secure permissions for default database file path (Scored)CIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix
3.2.11 Establish retention set size for backups - 'num_db_backups <= 100'CIS IBM DB2 OS L2 v1.2.0Unix

CONTINGENCY PLANNING, SYSTEM AND INFORMATION INTEGRITY

3.4.1.1 Ensure firewalld is installedCIS CentOS Linux 8 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure firewalld is installedCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure firewalld is installedCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure firewalld is installedCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure firewalld is installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure firewalld is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure firewalld is installedCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure firewalld is installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure firewalld is installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.6 Ensure events that modify the system's network environment are collected - auditctl '/etc/network'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'issue.net'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'sethostname setdomainname'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'sethostname setdomainname' x64CIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - sethostname setdomainnameCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.2.1 Ensure firewalld is installedCIS SUSE Linux Enterprise 15 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld is installedCIS SUSE Linux Enterprise 15 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.8 (L1) Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

5.8 (L1) Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

5.9 (L1) Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.9 (L1) Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

6.5 Avoid container sprawlCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

6.5 Avoid container sprawlCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

8.7 Secure the permissions of the IBMLDAPSecurity.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
8.7 Secure the permissions of the IBMLDAPSecurity.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows
9.11 Ensure permissions on communication exit library locationsCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix
9.11 Ensure permissions on communication exit library locationsCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows
9.11 Ensure permissions on communication exit library locationsCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows
26 - Setup Client-cert AuthenticationTNS Best Practice Jetty 9 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

ARST-RT-000020 - The Arista BGP router must be configured to reject inbound route advertisements for any Bogon prefixes.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000190 - The out-of-band management (OOBM) Arista gateway router must be configured to have separate IGP instances for the managed network and management network.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

Excel 2 worksheetsMSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMSCT M365 Apps for enterprise 2312 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above.DISA STIG Mozilla Firefox Linux v6r6Unix

ACCESS CONTROL

FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above.DISA STIG Mozilla Firefox MacOS v6r6Unix

ACCESS CONTROL

MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

Select the channel for Microsoft Defender daily security intelligence updatesMSCT Windows Server 2025 MS v1.0.0Windows
VCST-70-000019 - The Security Token Service must limit the number of allowed connections.DISA STIG VMware vSphere 7.0 STS Tomcat v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VM Tools: guest-8.tools-deactivate-containerinfoVMware vSphere Security Configuration and Hardening GuideVMware

CONFIGURATION MANAGEMENT