Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.16 Ensure no login exists with the name 'sa'CIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6 - Run your Instance as non privileged userTNS Best Practice JBoss 7 LinuxUnix

ACCESS CONTROL

6.31 Don't use the default VPCCIS Amazon Web Services Three-tier Web Architecture L2 1.0.0amazon_aws

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

9 - Information LeakageTNS Best Practice Jetty 9 LinuxUnix
11 - Access Control - JAASTNS Best Practice Jetty 9 LinuxUnix
13 - Disable stacktrace in response bodyTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

13 - Restrict access to temp directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

13 - Restrict access to temp directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - Restrict access to binaries directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - SSL Encryption - WSDL Secure PortTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

15 - Restrict access to web application directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

15 - Restrict access to web application directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - ORB Subsystem - Initializers OnTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - Restrict access to JETTY.policy - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - Restrict access to JETTY.policy - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

18 - Restrict access to context.xml - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

18 - Restrict access to context.xml - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

18 - Role Based Authentication per queueTNS Best Practice JBoss 7 LinuxUnix

ACCESS CONTROL

19 - Cluster AuthenticationTNS Best Practice JBoss 7 LinuxUnix

ACCESS CONTROL

19 - Restrict access to logging.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

19 - Restrict access to logging.properties - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

20 - Restrict access to server.xml - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

21 - Restrict access to users.xml - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

23 - Strong password policy must be establishedTNS Best Practice Jetty 9 LinuxUnix
24 - Remove extraneous files and directories - $JETTY_BASE/webapps/docTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/examplesTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/js-examplesTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-exampleTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

43 - Do not resolve hosts on logging valves - SERVER_XMLTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

44 - Use Lockout RealmsTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

Buffer overflow protection should be configured 'LimitRequestFieldsize'TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'LoadModule env_module'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

CNTR-K8-002011 - Kubernetes must have a Pod Security Admission control file configured.DISA STIG Kubernetes v2r5Unix

ACCESS CONTROL

Configuration files should be secured against unauthorized access.TNS IBM HTTP Server Best PracticeWindows
HTTP TRACE method should be disabled. 'RewriteEngine'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'RewriteLog'TNS IBM HTTP Server Best PracticeWindows

AUDIT AND ACCOUNTABILITY

JUSX-DM-000087 - The Juniper SRX Services Gateway must have the number of rollbacks set to 5 or more.DISA Juniper SRX Services Gateway NDM v3r3Juniper

CONFIGURATION MANAGEMENT

Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log'TNS IBM HTTP Server Best PracticeWindows

AUDIT AND ACCOUNTABILITY

Management Services Security - Community strings and USM passwords should be difficult to guess and should follow a password policyJuniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION

MaxClients parameter value should be configured to appropriate value.TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

MaxKeepAliveRequests parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Non-Essential modules should be disabled. 'mod_autoindex'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

Server version information parameters should be turned off - 'ServerTokens Prod'TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

StartServers parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Timeout value parameter value should be appropriately configuredTNS IBM HTTP Server Best PracticeUnix

ACCESS CONTROL

User IDs which disclose the privileges associated with it, should not be created. 'lock'TNS IBM HTTP Server Best PracticeUnix

ACCESS CONTROL

User IDs which disclose the privileges associated with it, should not be created. 'nologin'TNS IBM HTTP Server Best PracticeUnix

ACCESS CONTROL

VCPG-67-000004 - VMware Postgres must be configured to overwrite older logs when necessary.DISA STIG VMware vSphere 6.7 PostgreSQL v1r2Unix

AUDIT AND ACCOUNTABILITY