Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1.3 Ensure repo_gpgcheck is globally activatedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1.3 Ensure repo_gpgcheck is globally activatedCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1.3 Ensure repo_gpgcheck is globally activatedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1.3 Ensure repo_gpgcheck is globally activatedCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure repo_gpgcheck is globally activatedCIS AlmaLinux OS 8 Workstation L2 v3.0.0Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure repo_gpgcheck is globally activatedCIS Rocky Linux 8 Server L2 v2.0.0Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure repo_gpgcheck is globally activatedCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure repo_gpgcheck is globally activatedCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure repo_gpgcheck is globally activatedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3.1.8 Ensure SETroubleshoot is not installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1 Ensure core dumps are restricted - limits.conf, limits.d/*CIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

1.5.1 Ensure core dumps are restricted - sysctlCIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

1.5.1.8 Ensure SETroubleshoot is not installedCIS Rocky Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.5.1.8 Ensure SETroubleshoot is not installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.8 Ensure SETroubleshoot is not installedCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.8 Ensure SETroubleshoot is not installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6.1.7 Ensure SETroubleshoot is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6.1.7 Ensure SETroubleshoot is not installedCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

1.10.11 Ensure 'logging trap severity level' is greater than or equal to '5'CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmodCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmodCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - insmodCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - modprobeCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rmmodCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.18 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.18 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Distribution Independent Linux Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.18 Ensure kernel module loading and unloading is collected - insmodCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=alwaysCIS Docker 1.11.0 v1.0.0 L1 DockerUnix
5.18 Install an approved tokend for smartcard authenticationCIS Apple OSX 10.9 L2 v1.3.0Unix

IDENTIFICATION AND AUTHENTICATION

8.1.17 Collect Kernel Module Loading and Unloading - /sbin/modprobeCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.17 Collect Kernel Module Loading and Unloading - /sbin/rmmodCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.17 Collect Kernel Module Loading and Unloading - 32 bit init_moduleCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.17 Collect Kernel Module Loading and Unloading - 64 bit init_moduleCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

89.30 (L1) Ensure 'Profile System Performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

BIND-9X-001059 - On the BIND 9.x server the platform on which the name server software is hosted must be configured to send outgoing DNS messages from a random port.DISA BIND 9.x STIG v2r3Unix

CONFIGURATION MANAGEMENT

CISC-RT-000240 - The Cisco perimeter switch must be configured to deny network traffic by default and allow network traffic by exception.DISA STIG Cisco IOS Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS).DISA Cisco IOS Router RTR STIG v3r3Cisco

ACCESS CONTROL

CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) switch must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.DISA Cisco NX OS Switch RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

Enable IKE Version 1/2 - cipher-suiteTenable Cisco Viptela SD-WAN - vEdgeCisco_Viptela

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-LNX00360 - The X server must have the correct options enabled - '-s <= 15'DISA STIG for Oracle Linux 5 v2r1Unix

CONFIGURATION MANAGEMENT

VCLD-80-000100 The vCenter VAMI service must implement prevent rendering inside a frame or iframe on another site.DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1Unix

CONFIGURATION MANAGEMENT

VCLD-80-000101 The vCenter VAMI service must protect against MIME sniffing.DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1Unix

CONFIGURATION MANAGEMENT