Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Ensure separate file system for /tmpCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Ensure software packages have been digitally signed by a Certificate Authority (CA)CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

1.5.6 Ensure NIST FIPS-validated cryptography is configured - installedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.7 Ensure DNS is servers are configured - empty resolvCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

1.7.1.7 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured - sshd_configCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

1.7.3 If a Local Time Zone is used, Configure Daylight SavingsCIS Cisco NX-OS L1 v1.1.0Cisco

AUDIT AND ACCOUNTABILITY

2.1.4 Ensure TFTP daemon is configured to operate in secure mode.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.2.3 Ensure GNOME Screensaver period of inactivity is configured.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

2.2.2.9 Ensure session idle-delay settings is enforcedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

2.2.26 Ensure ldap_tls_cacert is set for LDAP - configCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.26 Ensure ldap_tls_cacert is set for LDAP - fileCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.28 Ensure ldap_tls_reqcert is set for LDAPCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.31 Ensure noexec option is configured for NFS.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

4.1.2.13 Ensure audit of kmod commandCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.19 Ensure audit of semanage commandCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.22 Ensure audit of setfiles commandCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.25 Ensure audit of the mount command and syscallCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.20 Ensure the auditing processing failures are handled.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - pathCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

5.2.22 Ensure only FIPS 140-2 ciphers are used for SSHCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.27 Ensure SSH does not permit GSSAPICIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

5.2.33 Ensure no 'shosts.equiv' files exist on the system.CIS Amazon Linux 2 STIG v1.0.0 L3Unix
5.003 - Booting into alternate operating systems is permitted.DISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

5.3.11 Ensure system-auth is used when changing passwordsCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.10 Ensure delay between logon prompts on failureCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.4.9 Ensure there are no unnecessary accountsCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

6.2.21 Ensure that all files and directories contained in local interactive user home directories are owned by the userCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

6.2.26 Ensure local interactive users' 'dot' files executable paths resolve to the users home directory.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

6.2.29 Ensure users' files and directories within the home directory permissions are 750 or more restrictiveCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

7.6 Ensure port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT)CIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SYSTEM AND INFORMATION INTEGRITY

18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

19.7.15.1.2 Ensure 'Turn on off details pane' is set to 'Enabled: Always hide'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.31 Ensure 'Host-based firewall is installed and enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.31 Ensure 'Host-based firewall is installed and enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.31 Ensure 'Host-based firewall is installed and enabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Auditing and loggingArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY

CASA-ND-000940 - The Cisco ASA must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources.DISA STIG Cisco ASA NDM v2r2Cisco

AUDIT AND ACCOUNTABILITY

CISC-ND-000150 - The Cisco router must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes.DISA STIG Cisco IOS XE Router NDM v3r2Cisco

ACCESS CONTROL

GEN003619 - The system must not be configured for network bridging.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

HP ProCurve - 'Disable SNMPv2'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

HP ProCurve - 'Enable SNMPv3'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

JUEX-L2-000090 - The Juniper EX switch must be configured to enable BPDU Protection on all user-facing or untrusted access switch ports.DISA Juniper EX Series Layer 2 Switch v2r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

Local password complexity - password minimum-lengthArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

IDENTIFICATION AND AUTHENTICATION

SNMP Destination - VersionTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Web Session Idle Timeout (s)Tenable Cisco ACICisco_ACI

ACCESS CONTROL