Item Search

Name	Audit Name	Plugin	Category
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS AlmaLinux OS 9 v2.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS AlmaLinux OS 9 v2.0.0 L2 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS Rocky Linux 9 v2.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Oracle Linux 8 Workstation L2 v3.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS AlmaLinux OS 8 Server L2 v3.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS CentOS Linux 7 v4.0.0 L2 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Red Hat EL8 Workstation L2 v3.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.4 Ensure repo_gpgcheck is globally activated	CIS Amazon Linux 2023 Server L2 v1.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.3.1.8 Ensure SETroubleshoot is not installed	CIS AlmaLinux OS 9 v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.3.1.8 Ensure SETroubleshoot is not installed	CIS Rocky Linux 9 v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - /etc/sysctl.conf, /etc/sysctl.d/*	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.5.1.8 Ensure SETroubleshoot is not installed	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.5.1.8 Ensure SETroubleshoot is not installed	CIS AlmaLinux OS 8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.4 Ensure SETroubleshoot is not installed	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.2 Ensure 'TLS 1.2' is set for HTTPS access	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL
1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	CONFIGURATION MANAGEMENT
1.8.6.1 Ensure 'Default File Format' is set to Enabled (Word Document (.docx))	CIS Microsoft Office Word 2013 v1.1.0	Windows	CONFIGURATION MANAGEMENT
1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'	Tenable Cisco Firepower Best Practices Audit	Cisco	AUDIT AND ACCOUNTABILITY
2.2 Disable Local-only Graphical Login Environment	CIS Oracle Solaris 11.4 L1 v1.1.0	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.4.4 - CDE - remote GUI login disabled	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.3 (L1) Ensure the maximum failed login attempts is set to 5	CIS VMware ESXi 7.0 v1.4.0 L1	VMware	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900'	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900'	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [default=die] pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.3 Ensure password reuse is limited	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	IDENTIFICATION AND AUTHENTICATION
5.7 Do not enable the "root" account	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.14 Ensure 'on-failure' container restart policy is set to '5' - RestartPolicyName	CIS Docker Community Edition v1.1.0 L1 Docker	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=always	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
89.18 (L1) Ensure 'Impersonate Client' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.20 (L1) Ensure 'Impersonate Client' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
Change the Size of the Anti-Replay Window	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	ACCESS CONTROL
DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when a virus or Trojan is detected.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-108 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-108 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
Ensure 'console session timeout' is less than or equal to '5' minutes	Tenable Cisco Firepower Best Practices Audit	Cisco	ACCESS CONTROL
EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version	EDB PostgreSQL Advanced Server v11 DB Audit v2r4	PostgreSQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
VCEM-67-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access.	DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search