Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.3 Set a screen corner to Start Screen SaverCIS Apple macOS 10.12 L1 v1.2.0Unix

ACCESS CONTROL

2.3.4 Set a screen corner to Start Screen SaverCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

2.14 Ensure 'sa' Login Account has been renamedCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.14 Ensure IAM policies that allow full "*:*" administrative privileges are not attachedCIS Amazon Web Services Foundations v7.0.0 L1amazon_aws

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.15 Ensure a support role has been created to manage incidents with AWS SupportCIS Amazon Web Services Foundations v7.0.0 L1amazon_aws

INCIDENT RESPONSE

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.4 Ensure logging is enabled on all firewall policiesCIS FortiGate 7.4.x v1.0.1 L1FortiGate

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2025 v1.0.0 L1 AWS RDS MS_SQLDBMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2019 v1.5.2 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2022 v1.2.1 L1 Database EngineMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

4.3.2 Ensure DNS Filter logs all DNS queries and responsesCIS Fortigate 7.0.x v1.4.0 L1FortiGate

AUDIT AND ACCOUNTABILITY

6.8 Ensure VPC Endpoints are used for access to AWS ServicesCIS Amazon Web Services Foundations v7.0.0 L2amazon_aws

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

Buffer overflow protection should be configured 'LimitRequestBody'TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

Buffer overflow protection should be configured 'LimitRequestline'TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'AddModule mod_env.c'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'Directory'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'LoadModule cgi_module'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'ScriptAlias'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Configuration files should be secured against unauthorized access.TNS IBM HTTP Server Best Practice MiddlewareUnix
Encryption protocols such as https should be usedTNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

File permissions in the root document should only be accessible by administratorTNS IBM HTTP Server Best Practice MiddlewareUnix
HTTP TRACE method should be disabled. 'RewriteCond'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'RewriteEngine'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'RewriteLog'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'RewriteLogLevel'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Keep Alive setting parameter value should be appropriately configured.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Limit HTTP methods allowed by the Web Server.TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined'TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

Logging Directives should be restricted to authorized users. - 'LogLevel notice'TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

Logs containing auditing information should be secured at the directory level.TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

MaxClients parameter value should be configured to appropriate value.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MaxKeepAliveRequests parameter value should be appropriately configured.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MaxSpareServers parameter value should be appropriately configured.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Non-Essential modules should be disabled. 'mod_include'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_info'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_status'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_userdir'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

O19C-00-009500 - System privileges granted using the WITH ADMIN OPTION must not be granted to unauthorized user accounts.DISA Oracle Database 19c STIG v1r5 OracleDBOracleDB

CONFIGURATION MANAGEMENT

O19C-00-009700 - Oracle roles granted using the WITH ADMIN OPTION must not be granted to unauthorized accounts.DISA Oracle Database 19c STIG v1r3 OracleDBOracleDB

CONFIGURATION MANAGEMENT

Server version information parameters should be turned off - 'ServerSignature Off'TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

StartServers parameter value should be appropriately configured.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

User IDs which disclose the privileges associated with it, should not be created. 'lock'TNS IBM HTTP Server Best Practice MiddlewareUnix

ACCESS CONTROL