Item Search

| Name | Audit Name | Plugin | Category |
| --- | --- | --- | --- |
| 1.1.2.5.2 Ensure nodev option set on /var/tmp partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| 1.1.2.5.3 Ensure nosuid option set on /var/tmp partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| 1.1.2.7.2 Ensure nodev option set on /var/log/audit partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| 1.2.5 Ensure updates, patches, and additional security software are installed | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1.7 Ensure the MCS Translation Service (mcstrans) is not installed | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| 1.5.5 Ensure kernel.dmesg_restrict is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure systemd-coredump ProcessSizeMax is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure chrony is not run as the root user | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL |
| 2.2.4 Ensure dns server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure ftp server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.13 Ensure rsync services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.18 Ensure web server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.22 Ensure only approved services are listening on a network interface | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.25 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.26 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.8 Ensure Dbcreator and Securityadmin roles are only used as needed | CIS Microsoft SharePoint 2019 DB v1.0.0 | MS_SQLDB | ACCESS CONTROL |
| 2.9 Ensure Dbcreator and Securityadmin roles are only used as needed | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 2.19 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.3 Ensure bluetooth services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.5 Ensure net.ipv4.conf.default.send_redirects is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.7 Ensure net.ipv4.icmp_echo_ignore_broadcasts is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.9 Ensure net.ipv4.conf.default.accept_redirects is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.14 Ensure net.ipv4.conf.all.accept_source_route is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.15 Ensure net.ipv4.conf.default.accept_source_route is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2.6 Ensure net.ipv6.conf.default.accept_source_route is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS PostgreSQL 14 OS v 1.3.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.4.2 (L2) Ensure Autologon is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.4.17 (L2) Ensure GetCreds is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 18.9.25.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.25.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.1 Ensure 'Enable App Installer' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.1 Ensure 'Enable App Installer' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.3 Ensure 'Enable App Installer Hash Override' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.3 Ensure 'Enable App Installer Hash Override' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.77.1.2 Ensure 'Notify Malicious' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet-flooding types of denial-of-service (DoS) attacks. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000140 - The Cisco switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000140 - The Cisco switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001140 - The Cisco router must be configured to encrypt SNMP messages using a FIPS 140-2 approved algorithm. | DISA Cisco IOS XE Router NDM STIG v3r7 | Cisco | ACCESS CONTROL |
| Encryption type for password protected Office Open XML files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| EP11-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-011600 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000222 - OHS must have the ScoreBoardFile directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |