Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure that Corporate Login Credentials are Used	CIS Google Cloud Platform v3.0.0 L1	GCP	ACCESS CONTROL
1.1.1 Enable 'aaa new-model'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	ACCESS CONTROL
1.1.2 Enable 'aaa authentication login'	CIS Cisco IOS XE 16.x v2.1.0 L1	Cisco	ACCESS CONTROL
1.1.4 Set 'login authentication for 'line vty'	CIS Cisco IOS XE 16.x v2.1.0 L1	Cisco	ACCESS CONTROL
1.1.5 Set 'login authentication for 'line tty'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	ACCESS CONTROL
1.1.8 Set 'aaa accounting connection'	CIS Cisco IOS 15 L2 v4.1.1	Cisco	ACCESS CONTROL
1.3.2 Ensure sudo commands use pty	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.3.4 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL
1.3.6 Ensure 'Minimum Special Characters' is greater than or equal to 1	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL
1.4.4.2 Ensure 'aaa authorization exec' is configured correctly	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	ACCESS CONTROL
2.3.1.2 Ensure 'Accounts: Guest account status' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.1.5 Configure 'Accounts: Rename guest account'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'	CIS Oracle Server 18c DB Traditional Auditing v1.1.0	OracleDB	ACCESS CONTROL
3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL
3.4 Ensure SQL Authentication is not used in contained databases	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL
3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'	AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL
4.2 Ensure excessive administrative privileges are revoked	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	ACCESS CONTROL
4.4 Ensure excessive DML privileges are revoked	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	ACCESS CONTROL
4.5 Ensure excessive DML privileges are revoked	CIS PostgreSQL 9.5 DB v1.1.0	PostgreSQLDB	ACCESS CONTROL
5.1.8 Ensure cron is restricted to authorized users - /etc/cron.deny	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.1.9 Ensure at is restricted to authorized users - /etc/at.deny	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
5.2.4 Ensure SSH access is limited	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.2.7 Ensure Password Age Is Configured	CIS Apple macOS 10.15 Catalina v3.0.0 L1	Unix	ACCESS CONTROL
5.2.7 Ensure Password Age Is Configured	CIS Apple macOS 11.0 Big Sur v4.0.0 L1	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - account pam_deny.so	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - auth pam_tally2.so	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL
5.3.3 Ensure password reuse is limited	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	ACCESS CONTROL
5.3.5 Ensure SSH access is limited	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
5.4.2 Ensure system accounts are secured	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL
5.4.2 Ensure system accounts are secured	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL
5.4.3 Ensure default group for the root account is GID 0	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
5.5 Ensure root login is restricted to system console	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.5.2 Ensure system accounts are secured - non-login shell	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
5.5.2 Ensure system accounts are secured - unlocked non-root	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
5.5.2 Ensure system accounts are secured - unlocked non-root	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
5.6 Database Manager Configuration Parameter: FED_NOAUTH	CIS IBM DB2 11 v1.1.0 Windows OS Level 1	Windows	ACCESS CONTROL
5.7 Ensure access to the su command is restricted - pam_wheel.so	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
5.7 Ensure access to the su command is restricted - pam_wheel.so	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.7 Ensure access to the su command is restricted - wheel group contains root	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
6.2.16 Ensure no duplicate UIDs exist	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL
6.2.17 Ensure no duplicate GIDs exist	CIS Red Hat 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
6.2.17 Ensure no duplicate GIDs exist	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
6.2.19 Ensure no duplicate group names exist	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL
6.2.19 Ensure no duplicate group names exist	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL
6.5 Ensure 'Superuser' Runtime Parameters are Configured	CIS PostgreSQL 9.5 DB v1.1.0	PostgreSQLDB	ACCESS CONTROL
6.6 Ensure 'User' Runtime Parameters are Configured	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	ACCESS CONTROL
7.2 Ensure a replication-only user is created and used for streaming replication	CIS PostgreSQL 9.5 DB v1.1.0	PostgreSQLDB	ACCESS CONTROL
Accounts: Guest account status	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Ensure authentication required for single user mode	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	ACCESS CONTROL

Detections

Analytics

Item Search