Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Install only required packagesCIS PostgreSQL 13 OS v1.2.0Unix

CONFIGURATION MANAGEMENT

1.2 Install only required packagesCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT

1.5 Ensure the Latest Security Patches are AppliedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in UseCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP addressTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.6 Ensure that usage is restricted and expiry is enforced for Databricks personal access tokensCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL

4.3 Ensure excessive administrative privileges are revokedCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive administrative privileges are revokedCIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'dbsnmp services are using correct service account'DISA STIG Oracle 11 Instance v9r1 OS UnixUnix

ACCESS CONTROL

DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'No Oracle services are running as LocalSystem'DISA STIG Oracle 11 Instance v9r1 OS WindowsWindows

ACCESS CONTROL

DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'Oracle Services are running under dedicated service accounts'DISA STIG Oracle 11 Instance v9r1 OS WindowsWindows

ACCESS CONTROL

DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'pmon services are using correct service account'DISA STIG Oracle 11 Instance v9r1 OS UnixUnix

ACCESS CONTROL

Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3'Tenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure 'console session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure 'EIGRP authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Failover' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Host Name' is setTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'HTTP session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Image Authenticity' is correctTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure 'Image Integrity' is correctTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure 'ip verify' is set to 'reverse-path' for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb)Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging to monitor' is disabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'logging' is enabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'noproxyarp' is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'OSPF authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Password Policy' is enabled - minimum-lengthTenable Cisco Firepower Best Practices AuditCisco

IDENTIFICATION AND AUTHENTICATION

Ensure 'SNMP community string' is not the default stringTenable Cisco Firepower Best Practices AuditCisco

IDENTIFICATION AND AUTHENTICATION

Ensure 'SNMP traps' is enabled - authenticationTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - coldstartTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkdownTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkupTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server group' is set to 'v3 priv'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server host' is set to 'version 3'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SSH source restriction' is set to an authorized IP addressTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure 'TACACS+/RADIUS' is configured correctly - protocolTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

Ensure 'threat-detection statistics' is set to 'tcp-intercept'Tenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure 'TLS 1.0' is set for HTTPS accessTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure 'Unused Interfaces' is disableTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure DHCP services are disabled for untrusted interfaces - dhcprelayTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DNS services are configured correctly - domain-lookupTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure email logging is configured for critical to emergencyTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure intrusion prevention is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure known default accounts do not existTenable Cisco Firepower Best Practices AuditCisco

IDENTIFICATION AND AUTHENTICATION

Ensure non-default application inspection is configured correctlyTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure packet fragments are restricted for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure that the 'max_allowed_packet' database flag for a Cloud Databases Mysql instance is setTenable Best Practices RackSpace v2.0.0Rackspace

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure that the 'max_connections' database flag for a Cloud Databases Mysql instance is setTenable Best Practices RackSpace v2.0.0Rackspace

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure timezone is properly configuredTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT