Item Search

Name	Audit Name	Plugin	Category
1.3.1.8 Ensure SETroubleshoot is not installed	CIS AlmaLinux OS 9 v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.3.1.8 Ensure SETroubleshoot is not installed	CIS Rocky Linux 9 v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - limits.conf, limits.d/*	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.5.1 Ensure core dumps are restricted - sysctl	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.5.1.8 Ensure SETroubleshoot is not installed	CIS Red Hat EL8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1.8 Ensure SETroubleshoot is not installed	CIS AlmaLinux OS 8 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1.8 Ensure SETroubleshoot is not installed	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.6.1.4 Ensure SETroubleshoot is not installed	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
1.6.1.7 Ensure SETroubleshoot is not installed	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.8.6.1 Ensure 'Default File Format' is set to Enabled (Word Document (.docx))	CIS Microsoft Office Word 2013 v1.1.0	Windows	CONFIGURATION MANAGEMENT
1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'	Tenable Cisco Firepower Best Practices Audit	Cisco	AUDIT AND ACCOUNTABILITY
2.2 Disable Local-only Graphical Login Environment	CIS Oracle Solaris 11.4 L1 v1.1.0	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.4.4 - CDE - remote GUI login disabled	CIS AIX 5.3/6.1 L2 v1.1.0	Unix	ACCESS CONTROL
4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmod	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - insmod	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - modprobe	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.3 (L1) Ensure the maximum failed login attempts is set to 5	CIS VMware ESXi 7.0 v1.5.0 L1	VMware	ACCESS CONTROL
4.4.3 Ensure password reuse is limited	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix	IDENTIFICATION AND AUTHENTICATION
4.4.3 Ensure password reuse is limited	CIS Debian 10 Server L1 v2.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [success=1 default=bad] pam_unix.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth required pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.7 Do not enable the "root" account	CIS Apple OSX 10.9 L1 v1.3.0	Unix	ACCESS CONTROL
5.14 Ensure 'on-failure' container restart policy is set to '5' - RestartPolicyName	CIS Docker Community Edition v1.1.0 L1 Docker	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=always	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.15 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=always	CIS Docker 1.6 v1.0.0 L1 Docker	Unix
5.18 Install an approved tokend for smartcard authentication	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
8.1.17 Collect Kernel Module Loading and Unloading - /sbin/insmod	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading - /sbin/modprobe	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading - /sbin/rmmod	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading - 32 bit init_module	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading - 64 bit init_module	CIS Debian Linux 7 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
89.30 (L1) Ensure 'Profile System Performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
AIX7-00-002128 - If bash is used, AIX must display logout messages.	DISA STIG AIX 7.x v3r1	Unix	ACCESS CONTROL
Change the Size of the Anti-Replay Window	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	ACCESS CONTROL
CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) switch must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.	DISA Cisco NX OS Switch RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000830 - The Cisco multicast Rendezvous Point (RP) switch must be configured to filter Protocol Independent Multicast (PIM) Register messages received from the Designated switch (DR) for any undesirable multicast groups and sources.	DISA Cisco IOS XE Switch RTR STIG v3r2	Cisco	ACCESS CONTROL
DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when a virus or Trojan is detected.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-108 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-108 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
Enable IKE Version 1/2 - cipher-suite	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	SYSTEM AND COMMUNICATIONS PROTECTION
EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version	EDB PostgreSQL Advanced Server v11 DB Audit v2r4	PostgreSQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search