Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1 Disable Bluetooth, if no paired devices existCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
2.8 Ensure monitoring and alerting exists for new share exposuresCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - auditctl btmpCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - auditctl utmpCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - auditctl wtmpCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - utmpCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - wtmpCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - '/var/log/btmp'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - '/var/log/btmp'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - '/var/log/wtmp'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - '/var/run/utmp'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - 'auditctl btmp'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - 'auditctl utmp'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/log/btmpCIS Debian 9 Workstation L2 v1.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/log/btmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/log/btmpCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/log/wtmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/log/wtmpCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/run/utmpCIS Debian 9 Server L2 v1.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - /var/run/utmpCIS Debian 9 Workstation L2 v1.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmpCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmpCIS Debian 9 Server L2 v1.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmpCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmpCIS Debian 9 Server L2 v1.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmpCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmpCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmpCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmpCIS Debian 9 Workstation L2 v1.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl btmpCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - btmpCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - wtmpCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure session initiation information is collected - btmpCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.10 Ensure session initiation information is collected - wtmpCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.2.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.9 Collect Login and Logout Events - /var/log/btmpCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

8.1.9 Collect Session Initiation Information - /var/log/btmpCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.9 Collect Session Initiation Information - /var/run/utmpCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

AZLX-23-002365 - Amazon Linux 2023 must enforce password complexity by requiring that at least one numeric character be used.DISA Amazon Linux 2023 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

AZLX-23-002370 - Amazon Linux 2023 must require the change of at least 50 percent of the total number of characters when passwords are changed.DISA Amazon Linux 2023 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

AZLX-23-002380 - Amazon Linux 2023 must enforce password complexity by requiring that at least one special character be used.DISA Amazon Linux 2023 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

Ensure session initiation information is collected - auditctl btmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure session initiation information is collected - auditctl wtmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure session initiation information is collected - btmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

FireEye - Usernames listTNS FireEyeFireEye

ACCESS CONTROL

GOOG-15-006800 - Google Android 15 must be configured to not display the following (work profile) notifications when the device is locked:AirWatch - DISA Google Android 15 COBO v1r2MDM

ACCESS CONTROL

RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - MFEhiplsmDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Review ProxiesDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - InternalDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000660 - Symantec ProxySG providing content filtering must send an alert to, at a minimum, the ISSO and ISSM when detection events occur.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND INFORMATION INTEGRITY