Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of cramfs filesystems is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.4 Ensure nodev option set on /tmp partitionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.6 Ensure /dev/shm is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.1.7 Ensure noexec option set on /dev/shm partitionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.8 Ensure nodev option set on /dev/shm partitionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.14 Ensure /var/tmp partition includes the nosuid optionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.5.2 Ensure XD/NX support is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SYSTEM AND INFORMATION INTEGRITY

1.9 Ensure updates, patches, and additional security software are installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.1.2 Ensure chrony is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

2.4 Ensure nonessential services are removed or maskedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.2.1 Ensure IP forwarding is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not acceptedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.4 Ensure secure ICMP redirects are not acceptedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.5 Ensure suspicious packets are loggedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure TCP SYN Cookies is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1.6 Ensure network interfaces are assigned to appropriate zoneCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.5 Ensure an nftables table existsCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables base chains existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.1.2 Ensure nftables is not installed with iptablesCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.5 Ensure iptables rules are savedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2.2 Ensure journald is configured to compress large log filesCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.4 Ensure permissions on all logfiles are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.7 Ensure permissions on /etc/cron.d are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.5 Ensure permissions on SSH public host key files are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.9 Ensure SSH MaxAuthTries is set to 4 or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.3.12 Ensure SSH root login is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

5.3.17 Ensure only strong MAC algorithms are usedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.18 Ensure only strong Key Exchange algorithms are usedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.1 Ensure password expiration is 365 days or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.4 Ensure inactive password lock is 30 days or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure root login is restricted to system consoleCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND SERVICES ACQUISITION

6.1.4 Ensure permissions on /etc/shadow are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.6 Ensure permissions on /etc/gshadow- are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure permissions on /etc/group- are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.5 Ensure no duplicate user names existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.8 Ensure no duplicate GIDs existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.9 Ensure root is the only UID 0 accountCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - EnableRspndrCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableWPDRegistrarCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.20.2 Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.8.22.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

18.8.52.1.2 Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.11.1.12 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.18.3 Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

CONFIGURATION MANAGEMENT

18.10.77.1.3 Ensure 'Notify Password Reuse' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.77.1.3 Ensure 'Notify Password Reuse' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY