Item Search

Name	Audit Name	Plugin	Category
4.9 (L1) Host must transmit audit records to a remote log collector	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	AUDIT AND ACCOUNTABILITY
5.4 CIFS - 'CIFS protocol is disabled'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
5.4 CIFS - 'cifs.audit.autosave.file.extension has been configured'	TNS NetApp Data ONTAP 7G	NetApp	AUDIT AND ACCOUNTABILITY
5.4 CIFS - 'cifs.audit.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	AUDIT AND ACCOUNTABILITY
5.4 CIFS - 'cifs.audit.logon_events.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	AUDIT AND ACCOUNTABILITY
5.4 CIFS - 'cifs.smb2.client.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND INFORMATION INTEGRITY
5.4 CIFS - 'ldap.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	IDENTIFICATION AND AUTHENTICATION
5.4 CIFS - 'timed.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	AUDIT AND ACCOUNTABILITY
5.5 NFS - 'nfs.kerberos.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.5 NFS - 'nfs.kerberos.realm has been configured'	TNS NetApp Data ONTAP 7G	NetApp	SYSTEM AND COMMUNICATIONS PROTECTION
5.5 NFS - 'nfs.v3.enable = off'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
5.5 NFS - 'nfs.v4.acl.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
5.5 NFS - 'nfs.v4.enable = off'	TNS NetApp Data ONTAP 7G	NetApp	CONFIGURATION MANAGEMENT
5.5 NFS - 'wafl.default_nt_user has been configured'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
5.5 NFS - 'wafl.wcc_minutes_valid has been configured'	TNS NetApp Data ONTAP 7G	NetApp	IDENTIFICATION AND AUTHENTICATION
7.1.1.7 Ensure that virtual network flow logs are captured and sent to Log Analytics	CIS Microsoft Azure Foundations v4.0.0 L2	microsoft_azure	SYSTEM AND INFORMATION INTEGRITY
9.2.1 Ensure That Microsoft Defender for IoT Hub Is Set To 'On'	CIS Microsoft Azure Foundations v4.0.0 L2	microsoft_azure	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection.	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista	IDENTIFICATION AND AUTHENTICATION
CASA-VN-000230 - The Cisco ASA must be configured to use FIPS-validated SHA-2 at 384 bits or higher for Internet Key Exchange (IKE) Phase 1 - IKE Phase 1.	DISA STIG Cisco ASA VPN v2r2	Cisco	IDENTIFICATION AND AUTHENTICATION
GEN006560 - The system vulnerability assessment, host-based intrusion detection, and file integrity tools must notify of a security breach.	DISA STIG AIX 6.1 v1r14	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
JUSX-IP-000005 - The Juniper Networks SRX Series Gateway IDPS must block outbound traffic containing known and unknown DoS attacks by ensuring that rules are applied to outbound communications traffic.	DISA Juniper SRX Services Gateway IDPS v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
List bonded NIC groups	TNS Citrix Hypervisor	Unix	CONFIGURATION MANAGEMENT
List networks	TNS Citrix Hypervisor	Unix	CONFIGURATION MANAGEMENT
List patches	TNS Citrix Hypervisor	Unix	SYSTEM AND INFORMATION INTEGRITY
List physical storage locations	TNS Citrix Hypervisor	Unix	CONFIGURATION MANAGEMENT
List users	TNS Citrix Hypervisor	Unix	ACCESS CONTROL
OL07-00-010020 - The Oracle Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.	DISA Oracle Linux 7 STIG v3r2	Unix	CONFIGURATION MANAGEMENT
Only allow access to required network services	TNS Citrix Hypervisor	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
PANW-IP-000018 - The Palo Alto Networks security platform must have a denial-of-service (DoS) Protection Profile for outbound traffic applied to a policy for traffic originating from the internal zone going to the external zone.	DISA STIG Palo Alto IDPS v3r1	Palo_Alto	SYSTEM AND COMMUNICATIONS PROTECTION
PANW-IP-000053 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged or non-privileged access is detected.	DISA STIG Palo Alto IDPS v3r1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
PANW-IP-000055 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected.	DISA STIG Palo Alto IDPS v3r1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
SLES-12-010500 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly.	DISA SLES 12 STIG v3r2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
SLES-12-030270 - The SUSE operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.	DISA SLES 12 STIG v3r2	Unix	ACCESS CONTROL
SLES-15-040450 - The SUSE operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.	DISA SUSE Linux Enterprise Server 15 STIG v2r4	Unix	ACCESS CONTROL
SYMP-AG-000230 - Symantec ProxySG must provide an alert to, at a minimum, the SCA and ISSO of all audit failure events where the detection and/or prevention function is unable to write events to either local storage or the centralized server - Enabled	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	AUDIT AND ACCOUNTABILITY
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - Explicit	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - External	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - Internal	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
The hosts.allow file limits access to the local network	TNS Citrix Hypervisor	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
UBTU-18-010421 - The Ubuntu operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.	DISA STIG Ubuntu 18.04 LTS v2r15	Unix	ACCESS CONTROL
UBTU-20-010045 - The Ubuntu operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.	DISA Canonical Ubuntu 20.04 LTS STIG v2r2	Unix	ACCESS CONTROL
UBTU-22-255060 - Ubuntu 22.04 LTS SSH server must be configured to use only FIPS-validated key exchange algorithms.	DISA Canonical Ubuntu 22.04 LTS STIG v2r4	Unix	ACCESS CONTROL
XenServer - Host version	TNS Citrix XenServer	Unix	CONFIGURATION MANAGEMENT
XenServer - List networks	TNS Citrix XenServer	Unix	CONFIGURATION MANAGEMENT
XenServer - List physical storage locations	TNS Citrix XenServer	Unix	CONFIGURATION MANAGEMENT
XenServer - List running VMs	TNS Citrix XenServer	Unix	CONFIGURATION MANAGEMENT
XenServer - Only allow access to required network services	TNS Citrix XenServer	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
XenServer - The hosts.deny file blocks access by default	TNS Citrix XenServer	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
XenServer - XAPI SSL certificate is in default location	TNS Citrix XenServer	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search