Item Search

Name	Audit Name	Plugin	Category
1.6 Verify That 'PGPASSWORD' is Not Set in Users' Profiles	CIS PostgreSQL 15 v1.2.0 L1 OS Linux Unix	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in Use	CIS PostgreSQL 14 OS v 1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.1.5 Ensure the filename pattern for log files is set correctly	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.5 Ensure the filename pattern for log files is set correctly	CIS PostgreSQL 9.5 DB v1.1.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.7 Ensure 'log_truncate_on_rotation' is enabled	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.7 Ensure 'log_truncate_on_rotation' is enabled	CIS PostgreSQL 12 DB v1.1.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.7 Ensure 'log_truncate_on_rotation' is enabled	CIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDB	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
9 - Information Leakage	TNS Best Practice Jetty 9 Linux	Unix
13 - Restrict access to temp directory - mode	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
14 - SSL Encryption - WSDL Secure Port	TNS Best Practice JBoss 7 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
18 - Restrict access to context.xml - owner	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
19 - Cluster Authentication	TNS Best Practice JBoss 7 Linux	Unix	ACCESS CONTROL
19 - Restrict access to logging.properties - owner	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
21 - Restrict access to users.xml - mode	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
23 - Strong password policy must be established	TNS Best Practice Jetty 9 Linux	Unix
24 - Remove extraneous files and directories - $JETTY_BASE/webapps/doc	TNS Best Practice Jetty 9 Linux	Unix	CONFIGURATION MANAGEMENT
24 - Remove extraneous files and directories - $JETTY_BASE/webapps/examples	TNS Best Practice Jetty 9 Linux	Unix	CONFIGURATION MANAGEMENT
24 - Remove extraneous files and directories - $JETTY_BASE/webapps/js-examples	TNS Best Practice Jetty 9 Linux	Unix	CONFIGURATION MANAGEMENT
43 - Do not resolve hosts on logging valves - SERVER_XML	TNS Best Practice Jetty 9 Linux	Unix	CONFIGURATION MANAGEMENT
44 - Use Lockout Realms	TNS Best Practice Jetty 9 Linux	Unix	ACCESS CONTROL
Adtran : Disable SSLv2	TNS Adtran AOS Best Practice Audit	Adtran	CONFIGURATION MANAGEMENT
Adtran : Disable TFTP	TNS Adtran AOS Best Practice Audit	Adtran	CONFIGURATION MANAGEMENT
Adtran : Enable Firewall	TNS Adtran AOS Best Practice Audit	Adtran	SYSTEM AND COMMUNICATIONS PROTECTION
Adtran : Enable firewall syn-flood detection	TNS Adtran AOS Best Practice Audit	Adtran	SYSTEM AND COMMUNICATIONS PROTECTION
Adtran : Enable service password-encryption	TNS Adtran AOS Best Practice Audit	Adtran	IDENTIFICATION AND AUTHENTICATION
Adtran : List enabled interfaces	TNS Adtran AOS Best Practice Audit	Adtran	CONFIGURATION MANAGEMENT
Adtran : Set 'motd' Banner	TNS Adtran AOS Best Practice Audit	Adtran	ACCESS CONTROL
CD12-00-009100 - Access to external executables must be disabled or restricted.	DISA STIG Crunchy Data PostgreSQL DB v3r1	PostgreSQLDB	CONFIGURATION MANAGEMENT
EPAS-00-004700 - The DBMS must map the PKI-authenticated identity to an associated user account.	EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1	Unix	IDENTIFICATION AND AUTHENTICATION
Extreme : Only allow SNMPv3	TNS Extreme ExtremeXOS Best Practice Audit	Extreme_ExtremeXOS	CONFIGURATION MANAGEMENT
Extreme : Password Policy - min-length >= 8	TNS Extreme ExtremeXOS Best Practice Audit	Extreme_ExtremeXOS	IDENTIFICATION AND AUTHENTICATION
Huawei: Configure appropriate NTP server	TNS Huawei VRP Best Practice Audit	Huawei	AUDIT AND ACCOUNTABILITY
Huawei: Device clock disable DST adjustment	TNS Huawei VRP Best Practice Audit	Huawei	CONFIGURATION MANAGEMENT
Huawei: Information Center is not disabled.	TNS Huawei VRP Best Practice Audit	Huawei	AUDIT AND ACCOUNTABILITY
Huawei: Insecure HTTP is not configured.	TNS Huawei VRP Best Practice Audit	Huawei	CONFIGURATION MANAGEMENT
Huawei: Require Group for SNMPv3 Access	TNS Huawei VRP Best Practice Audit	Huawei	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
Huawei: Require service timestamp	TNS Huawei VRP Best Practice Audit	Huawei	AUDIT AND ACCOUNTABILITY
Huawei: Set super password	TNS Huawei VRP Best Practice Audit	Huawei	IDENTIFICATION AND AUTHENTICATION
Huawei: SNMP appropriate trap host	TNS Huawei VRP Best Practice Audit	Huawei	AUDIT AND ACCOUNTABILITY
Huawei: SNMP Community string != private	TNS Huawei VRP Best Practice Audit	Huawei	IDENTIFICATION AND AUTHENTICATION
PGS9-00-009100 - Access to external executables must be disabled or restricted.	DISA STIG PostgreSQL 9.x on RHEL DB v2r5	PostgreSQLDB	CONFIGURATION MANAGEMENT
PPS9-00-006100 - Access to database files must be limited to relevant processes and to authorized, administrative users.	EDB PostgreSQL Advanced Server OS Linux Audit v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
WatchGuard : Authentication Settings - 'Management User Session Timeout'	TNS Best Practice WatchGuard Audit 1.0.0	WatchGuard	ACCESS CONTROL
WatchGuard : Data Loss Prevention Signature Update - 'Enabled'	TNS Best Practice WatchGuard Audit 1.0.0	WatchGuard	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
WatchGuard : DoS Prevention - Drop IP Source Route	TNS Best Practice WatchGuard Audit 1.0.0	WatchGuard	SYSTEM AND COMMUNICATIONS PROTECTION
WatchGuard : IPS Threat Level Action High - DROP or BLOCK	TNS Best Practice WatchGuard Audit 1.0.0	WatchGuard	SYSTEM AND INFORMATION INTEGRITY
WatchGuard : Logging - Remote Logging Enabled	TNS Best Practice WatchGuard Audit 1.0.0	WatchGuard	AUDIT AND ACCOUNTABILITY
WatchGuard : WINS Servers	TNS Best Practice WatchGuard Audit 1.0.0	WatchGuard	CONFIGURATION MANAGEMENT
WN12-PK-000007-DC - PKI certificates associated with user accounts must be issued by the DoD PKI or an approved External Certificate Authority (ECA).	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN22-DC-000290 - Windows Server 2022 domain controller PKI certificates must be issued by the DOD PKI or an approved External Certificate Authority (ECA).	DISA Microsoft Windows Server 2022 STIG v2r8	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search