Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.8 Ensure the System is Managed by a Mobile Device Management (MDM) SoftwareCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure last logged in user display is disabledCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.2 Audit App Store Password SettingsCIS Apple macOS 14.0 Sonoma v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.5.4 (L1) Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.3 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.4 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.5 Ensure Show Password Hints Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.3 Ensure Location Services Is EnabledCIS Apple macOS 12.0 Monterey v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.8 Ensure an Administrator Password Is Required to Access System-Wide PreferencesCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.9.1.1 Ensure the OS Is Not Active When Resuming from Standby (Intel)CIS Apple macOS 13.0 Ventura v3.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.9.1.2 Ensure Sleep and Display Sleep Is Enabled on Apple Silicon DevicesCIS Apple macOS 15.0 Sequoia v1.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.3 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.3 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.5 Ensure Show Password Hints Is DisabledCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.5 Ensure Show Password Hints Is DisabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15 Audit DictationCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15.1 Audit Notification & Focus SettingsCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.18.1 Ensure On-Device Dictation Is EnabledCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.3 Ensure secure ICMP redirects are not acceptedCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.6 Ensure bogus ICMP responses are ignoredCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.8 Ensure TCP SYN Cookies is enabledCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.10 Ensure SSH PermitUserEnvironment is disabledCIS Amazon Linux 2023 Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.18 Ensure sshd MaxStartups is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.19 Ensure SSH MaxStartups is configuredCIS Debian 10 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.2 Ensure password expiration is 365 days or lessCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.6 Ensure SSH PAM is enabledCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.15 Ensure SSH warning banner is configuredCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.19 Ensure SSH LoginGraceTime is set to one minute or lessCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.1.3 Ensure password expiration warning days is 7 or moreCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.4 Ensure default group for the root account is GID 0CIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.8 Ensure a Login Window Banner ExistsCIS Apple macOS 12.0 Monterey v4.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.8 Ensure root is the only UID 0 accountCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.12 Limit Consecutive Login Attempts for SSHCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.4 Enable a Warning Banner for the GNOME ServiceCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Windows Server 2012 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Windows Server 2012 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.4 Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION