Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Ensure 'Master Key Passphrase' is setCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.34 Ensure that the --encryption-provider-config argument is set as appropriateCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.35 Ensure that the encryption provider is set to aescbcCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.1.7 Set 'Restrict crypto algorithms or cipher suites to the following:' to '2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.1.8 Set 'Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' to 'False'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.2.6 Set 'Use BitLocker software-based encryption when hardware encryption is not available' to 'True'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.2.19 Set 'Configure TPM startup:' to 'Do not allow TPM'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.3.13 Set 'Save BitLocker recovery information to AD DS for removable data drives' to 'False'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.3.19 Configure 'Control use of BitLocker on removable drives'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.5 Set 'Select the encryption method:' to 'Enabled:AES 256-bit'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.8 Configure 'Provide the unique identifiers for your organization'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

5.4.3 Ensure password hashing algorithm is SHA-512 - password-authCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.3 Ensure password hashing algorithm is SHA-512 - system-authCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.3 Ensure password hashing algorithm is SHA-512 - system-authCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure Network Encryption is Configured and EnabledCIS SQL Server 2022 Database L2 DB v1.1.0MS_SQLDB

CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.6 (L1) Ensure 'Extended Protection for LDAP Authentication (Domain Controllers only)' is set to 'Enabled: Enabled, always (recommended)' (DC Only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.3.6 (L1) Ensure 'Extended Protection for LDAP Authentication (Domain Controllers only)' is set to 'Enabled: Enabled, always (recommended)' (DC Only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.9.11.2.13 Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.2.13 Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'CIS Windows 7 Workstation Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.2.13 Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.2.19 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.2.19 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow enhanced PINs for startupMSCT Windows 11 v23H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Allow enhanced PINs for startupMSCT Windows 11 v22H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Allow enhanced PINs for startupMSCT Windows 11 v24H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Allow enhanced PINs for startupMSCT Windows 10 v21H1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Allow enhanced PINs for startupMSCT Windows 10 v22H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsFdvMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsFdvMSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsOsMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsOsMSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsRdvMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyCrossOrgMSCT Windows 11 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyCrossOrgMSCT Windows 10 v22H2 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyCrossOrgMSCT Windows 10 v21H1 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyWriteAccessMSCT Windows 10 v21H1 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyWriteAccessMSCT Windows 11 v22H2 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyWriteAccessMSCT Windows 11 v24H2 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Deny write access to removable drives not protected by BitLocker - RDVDenyWriteAccessMSCT Windows 10 v22H2 v1.0.0Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - 800-171Unix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - All ProfilesUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enforce FileVaultNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

SYSTEM AND COMMUNICATIONS PROTECTION