Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Use the updated Linux KernelCIS Docker 1.6 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.6.2 Ensure system wide crypto policy disables sha1 hash and signature supportCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.4 Ensure system wide crypto policy disables sha1 hash and signature supportCIS SUSE Linux Enterprise 15 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.3 Ensure 'Mailbox quotas: Prohibit send and receive at' is set to ''CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'Mailbox quotas: Prohibit send at' is set to ''CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.16 Ensure Logging is enabled for HTTP(S) Load BalancerCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

2.18 Disable Userland ProxyCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.4.1.1 Ensure iptables is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure iptables is installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure iptables is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure iptables is installedCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure iptables is installedCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure firewalld is installed - iptablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.6 Ensure events that modify the system's network environment are collected - /etc/hostsCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - /etc/hostsCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issueCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issueCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - /etc/sysconfig/networkCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl '/etc/hosts'CIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl '/etc/issue'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl '/etc/issue'CIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl '/etc/network'CIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'sethostname setdomainname' x64CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - issue.netCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - sethostname setdomainnameCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - sethostname setdomainname x64CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - b64 sethostnameCIS Distribution Independent Linux Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.1 Ensure AppArmor Profile is EnabledCIS Docker Community Edition v1.1.0 L1 DockerUnix

ACCESS CONTROL

5.1 Verify AppArmorCIS Docker 1.6 v1.0.0 L2 DockerUnix

ACCESS CONTROL

5.4 Restrict Linux Kernel Capabilities within containersCIS Docker 1.6 v1.0.0 L1 DockerUnix

ACCESS CONTROL

5.16 Do not share the host's IPC namespaceCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8.8 Secure the permissions of the SSLconfig.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
8.8 Secure the permissions of the SSLconfig.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows
DTAVSEL-000 - The McAfee VirusScan Enterprise for Linux Web interface must be disabled unless the system is on a segregated network.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

CONFIGURATION MANAGEMENT

DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-200 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

MAINTENANCE

FFOX-00-000004 - Firefox must be configured to not automatically check for updated versions of installed search plugins.DISA STIG Mozilla Firefox MacOS v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000004 - Firefox must be configured to not automatically check for updated versions of installed search plugins.DISA STIG Mozilla Firefox Linux v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000010 - Firefox must be configured to prevent JavaScript from moving or resizing windows.DISA STIG Mozilla Firefox MacOS v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000010 - Firefox must be configured to prevent JavaScript from moving or resizing windows.DISA STIG Mozilla Firefox Linux v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000011 - Firefox must be configured to prevent JavaScript from raising or lowering windows.DISA STIG Mozilla Firefox MacOS v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000011 - Firefox must be configured to prevent JavaScript from raising or lowering windows.DISA STIG Mozilla Firefox Linux v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000026 - Firefox extension recommendations must be disabled.DISA STIG Mozilla Firefox MacOS v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000026 - Firefox extension recommendations must be disabled.DISA STIG Mozilla Firefox Linux v6r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000037 - Firefox encrypted media extensions must be disabled.DISA STIG Mozilla Firefox Windows v6r6Windows

CONFIGURATION MANAGEMENT

Specifies whether the display-capture permissions-policy is checked or skippedMSCT Edge v107 v1.0.0Windows

CONFIGURATION MANAGEMENT

VCPG-70-000001 - VMware Postgres must limit the number of connections.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

ACCESS CONTROL