Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.4 Ensure Passwords are Not Stored in the service fileCIS PostgreSQL 14 OS v 1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1 (L1) Ensure a centralized location is configured to collect ESXi host core dumpsCIS VMware ESXi 7.0 v1.4.0 L1 Bare MetalUnix

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.6 Ensure the log file permissions are set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.1.18 Ensure 'debug_print_plan' is disabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.20 Ensure 'log_connections' is enabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.21 Ensure 'log_disconnections' is enabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.26 Ensure 'log_timezone' is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.6 Ensure excessive DML privileges are revokedCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.8 Ensure the set_user extension is installedCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL

5.4 Ensure login via 'host' TCP/IP Socket is configured correctlyCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.2 Ensure the backup and restore tool, 'pgBackRest', is installed and configuredCIS PostgreSQL 14 OS v 1.2.0Unix

CONTINGENCY PLANNING

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

ACCESS CONTROL

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

ACCESS CONTROL

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

ACCESS CONTROL

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

ACCESS CONTROL

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

ACCESS CONTROL

18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

18.10.9.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.9.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.9.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.9.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

CONFIGURATION MANAGEMENT

18.10.42.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.42.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.1 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.2 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.2 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.3 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.3 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.3 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.10.43.10.2 (L1) Ensure 'Scan all downloaded files and attachments' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.3 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.5 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

23.3 (L1) Ensure 'Require Platform Security Features' is set to 'Turns on VBS with Secure Boot' or higherCIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

AIX7-00-003114 - If the AIX host is running an SMTP service, the SMTP greeting must not provide version information.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

GEN004560 - The SMTP service's SMTP greeting must not provide version information.DISA STIG AIX 5.3 v1r2Unix

CONFIGURATION MANAGEMENT

GEN005300-ESXI5-000099 - SNMP communities, users, and passphrases must be changed from the default.DISA STIG VMWare ESXi Server 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT