Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure packages are obtained from authorized repositoriesCIS PostgreSQL 12 OS v1.1.0Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

1.1 Ensure packages are obtained from authorized repositoriesCIS PostgreSQL 14 OS v 1.2.0Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

3.1.3 Ensure the logging collector is enabledCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.7 Ensure 'log_truncate_on_rotation' is enabledCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.7 Ensure 'log_truncate_on_rotation' is enabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.4 Ensure images are scanned and rebuilt to include security patchesCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

CONFIGURATION MANAGEMENT

9.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On'CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

RISK ASSESSMENT

Adtran : Disable SSID BroadcastTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Adtran : Enable aaa authenticationTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Ensure the default 'admin' username is not usedTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Buffer overflow protection should be configured 'LimitRequestFields'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND INFORMATION INTEGRITY

Buffer overflow protection should be configured 'LimitRequestline'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND INFORMATION INTEGRITY

CD12-00-010300 - PostgreSQL must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

CGI-BIN directory should be disabled. 'AddModule mod_env.c'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Directory access permissions should be restricted.TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Ensure that the 'max_allowed_packet' database flag for a Cloud Databases Mysql instance is setTenable Best Practices RackSpace v2.0.0Rackspace

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure that the 'max_connections' database flag for a Cloud Databases Mysql instance is setTenable Best Practices RackSpace v2.0.0Rackspace

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure that the 'skip_show_database' database flag for a Cloud Databases Mysql instance is set to '1'Tenable Best Practices RackSpace v2.0.0Rackspace

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-001100 - The EDB Postgres Advanced Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

AUDIT AND ACCOUNTABILITY

EPAS-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/used by the EDB Postgres Advanced Server.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

Extreme : Configure idletimeout <= 15TNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

ACCESS CONTROL

Extreme : Password Policy - char-validationTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

IDENTIFICATION AND AUTHENTICATION

Extreme : Password Policy - min-length >= 8TNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

IDENTIFICATION AND AUTHENTICATION

HTTP TRACE method should be disabled. 'RewriteLog'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Keep Alive Timeout setting value should be appropriately configured.TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Logging Directives should be restricted to authorized users. - 'LogLevel notice'TNS IBM HTTP Server Best PracticeUnix

AUDIT AND ACCOUNTABILITY

Logs containing auditing information should be secured at the directory level.TNS IBM HTTP Server Best PracticeWindows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

MinSpareServers parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

Non-Essential modules should be disabled. 'mod_include'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_status'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

PPS9-00-002600 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized read access.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

AUDIT AND ACCOUNTABILITY

PPS9-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

AUDIT AND ACCOUNTABILITY

PPS9-00-003000 - The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

AUDIT AND ACCOUNTABILITY

PPS9-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/utilized by the EDB Postgres Advanced Server.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION

Server version information parameters should be turned off - 'ServerTokens Prod'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Timeout value parameter value should be appropriately configuredTNS IBM HTTP Server Best PracticeUnix

ACCESS CONTROL

WN16-DC-000290 - Domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA).DISA Microsoft Windows Server 2016 STIG v2r10Windows

IDENTIFICATION AND AUTHENTICATION

WN19-DC-000290 - Windows Server 2019 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA).DISA Microsoft Windows Server 2019 STIG v3r4Windows

IDENTIFICATION AND AUTHENTICATION

WN22-DC-000290 - Windows Server 2022 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA).DISA Microsoft Windows Server 2022 STIG v2r4Windows

IDENTIFICATION AND AUTHENTICATION