Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure mounting of cramfs filesystems is disabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.1.1.3 Ensure mounting of udf filesystems is disabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.1.3 Ensure noexec option set on /tmp partition	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.4.2 Ensure permissions on bootloader config are configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.10.4 Ensure Login Window Displays as Name and Password Is Enabled	CIS Apple macOS 14.0 Sonoma v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.10.5 Ensure Show Password Hints Is Disabled	CIS Apple macOS 14.0 Sonoma v2.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.13 Audit Notification & Focus Settings	CIS Apple macOS 12.0 Monterey v4.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.2.1 Ensure IP forwarding is disabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.1 Ensure source routed packets are not accepted	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.1 Ensure source routed packets are not accepted	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.2 Ensure ICMP redirects are not accepted	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.6 Ensure broadcast ICMP requests are ignored	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.7 Ensure bogus ICMP responses are ignored	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.8 Ensure Reverse Path Filtering is enabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.2.17 Ensure sshd MaxStartups is configured	CIS Red Hat EL8 Workstation L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.2.17 Ensure sshd MaxStartups is configured	CIS AlmaLinux OS 8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.4.2.2 Ensure pam_faillock module is enabled	CIS Oracle Linux 8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.1.2 Ensure password expiration is 365 days or less	CIS Oracle Linux 8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.1.2 Ensure password expiration is 365 days or less	CIS Red Hat EL8 Workstation L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.1.2 Ensure password expiration is 365 days or less	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.1.2 Ensure password expiration is 365 days or less	CIS AlmaLinux OS 8 Workstation L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.1.3 Ensure password expiration warning days is 7 or more	CIS Red Hat EL8 Workstation L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.2.1 Ensure default group for the root account is GID 0	CIS AlmaLinux OS 8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.5.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.6.1.1 Ensure password expiration is 365 days or less	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.1.1 Ensure cron daemon is enabled and running	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.2.2 Ensure sudo commands use pty	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.4.1.3 Ensure password expiration warning days is configured	CIS Debian Linux 12 v1.1.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.4.2 Ensure lockout for failed password attempts is configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.5.1.1 Ensure password expiration is 365 days or less	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.1.2 Ensure Show Password Hints Is Disabled	CIS Apple macOS 12.0 Monterey v4.0.0 L1	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.1.12 Ensure no ungrouped files or directories exist	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.1.13 Audit SUID executables	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.1.14 Audit SGID executables	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.4 Ensure shadow group is empty	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.4 Ensure shadow group is empty	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.7 Ensure no duplicate UIDs exist	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.8 Ensure no duplicate GIDs exist	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
7.21 (L1) Virtual machines must deactivate virtual disk shrinking operations	CIS VMware ESXi 8.0 v1.2.0 L1	VMware	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
15.1 (L1) Ensure 'Config refresh' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.19.5 (L1) Ensure 'Configure security policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.19.7 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.33.6.4 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
49.22 (L1) Ensure 'Network Security: Allow PKU2U authentication requests' is set to 'Block'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

Detections

Analytics

Item Search