Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5 Set 'login authentication for 'ip http'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

ACCESS CONTROL

1.6.3 Ensure Exec Timeout for Console Sessions is setCIS Cisco IOS XR 7.x v1.0.1 L1Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

3.2.9 Ensure IPv6 router advertisements are not acceptedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.all.accept_ra = 0CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.all.accept_ra = 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.default.accept_ra = 0CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.default.accept_ra = 0CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.all.accept_ra = 0CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.all.accept_ra = 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_raCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all acceptCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.6 Set 'authentication key-chain'CIS Cisco IOS XE 17.x v2.2.1 L1Cisco

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.6 Set 'authentication key-chain'CIS Cisco IOS XE 16.x v2.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.7 Set 'authentication mode md5'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not acceptedCIS CentOS Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.9 Ensure IPv6 router advertisements are not acceptedCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not acceptedCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.9 Ensure IPv6 router advertisements are not acceptedCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.10 Ensure IPv6 router advertisements are not acceptedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4.1.1 Disable IPv6 Router Advertisements - net.ipv6.conf.default.accept_ra = 0CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

7.3.1 Disable IPv6 Router Advertisements - 'net.ipv6.conf.default.accept_ra = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3.1 Disable IPv6 Router Advertisements - net.ipv6.conf.all.accept_raCIS Debian Linux 7 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3.1 Disable IPv6 Router Advertisements - net.ipv6.conf.default.accept_raCIS Debian Linux 7 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-26-015500 - Apple iOS/iPadOS 26 must disable the download of iOS/iPadOS beta updates.MobileIron - DISA Apple iOS/iPadOS 26 v1r2MDM

CONFIGURATION MANAGEMENT

ARST-RT-000180 - The Arista perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

ACCESS CONTROL

ARST-RT-000340 - The Arista router must be configured to restrict traffic destined to itself.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000340 - The Arista router must be configured to restrict traffic destined to itself.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000720 - The MPLS router must be configured to have TTL propagation disabled.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

CONFIGURATION MANAGEMENT

CISC-ND-000150 - The Cisco switch must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must disconnect the session.DISA Cisco NX OS Switch NDM STIG v3r6Cisco

ACCESS CONTROL

CISC-RT-000393 - The Cisco perimeter switch must be configured drop IPv6 packets with a Routing Header type 0, 1, or 3-255.DISA Cisco IOS Switch RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000396 - The Cisco perimeter switch must be configured to drop IPv6 packets containing an extension header with the Endpoint Identification option.DISA Cisco IOS XE Switch RTR STIG v3r4Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000396 - The Cisco perimeter switch must be configured to drop IPv6 packets containing an extension header with the Endpoint Identification option.DISA Cisco IOS Switch RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000397 - The Cisco perimeter switch must be configured to drop IPv6 packets containing the NSAP address option within Destination Option header.DISA Cisco IOS Switch RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000397 - The Cisco perimeter switch must be configured to drop IPv6 packets containing the NSAP address option within Destination Option header.DISA Cisco IOS XE Switch RTR STIG v3r4Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000550 - The Cisco BGP switch must be configured to reject route advertisements from CE switches with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA Cisco NX OS Switch RTR STIG v3r4Cisco

ACCESS CONTROL

DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
OS10-RTR-000680 - The Dell OS10 BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer.DISA Dell OS10 Switch Router STIG v1r1Dell_OS10

SYSTEM AND COMMUNICATIONS PROTECTION

Remote Location - ProtocolTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

SonicWALL - GAV ON - WANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

VCSA-70-000274 - The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

CONFIGURATION MANAGEMENT

VCSA-80-000274 - The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.DISA VMware vSphere 8.0 vCenter STIG v2r3VMware

CONFIGURATION MANAGEMENT

VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

VCWN-06-000020 - All port groups must not be configured to VLAN values reserved by upstream physical switches.DISA VMware vSphere vCenter Server Version 6 STIG v1r4VMware

CONFIGURATION MANAGEMENT

VCWN-65-000020 - The vCenter Server for Windows must not configure all port groups to VLAN values reserved by upstream physical switches.DISA VMware vSphere 6.5 vCenter Server for Windows STIG v2r3VMware

CONFIGURATION MANAGEMENT