Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Ensure that the API server pod specification file permissions are set to 600 or more restrictiveCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.1 Ensure that the API server pod specification file permissions are set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.11 Ensure that the etcd data directory permissions are set to 700 or more restrictiveCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.11 Ensure that the etcd data directory permissions are set to 700 or more restrictiveCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.15 Ensure that the scheduler.conf file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.8 Ensure That Separation of Duties Is Enforced While Assigning Service Account Related Roles to UsersCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

1.9 Ensure That Cloud KMS Cryptokeys Are Not Anonymously or Publicly AccessibleCIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

2.2.6 Ensure 'REMOTE_LISTENER' Is EmptyCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

2.2.6 Ensure 'REMOTE_LISTENER' Is EmptyCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.10.7 Ensure 'Network access: Remotely accessible registry paths'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.10.8 Ensure 'Network access: Remotely accessible registry paths and sub-paths'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.1.2 Secure Ppermissions for Default Database File Path (DFTDBPATH)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

3.2.3 Disable Grants During Restore (DB2_RESTORE_GRANT_ADMIN_AUTHORITIES)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

3.2.4 Enable Extended Security (DB2_EXTSECURITY)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privilegesCIS MongoDB 7 v1.1.0 L1 MongoDBMongoDB

ACCESS CONTROL

4.1.1 Ensure that the kubelet service file permissions are set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.1.10 Ensure access on /var/adm/cron/at.allow is configuredCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL

4.1.5 Ensure that the --kubeconfig kubelet.conf file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.6 Secure Permissions for the Secondary Archive Log Location (LOGARCHMETH2)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.7 Ensure that the certificate authorities file permissions are set to 600 or more restrictiveCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.7 Ensure that the certificate authorities file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.7 Secure Permissions for the Tertiary Archive Log Location (FAILARCHPATH)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.9 Ensure that the kubelet --config configuration file has permissions set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.9 If the kubelet config.yaml configuration file is being used validate permissions set to 600 or more restrictiveCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.14 Specify a Secure Location for External Tables (EXTBL_LOCATION)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.2.1 Ensure that the --anonymous-auth argument is set to falseCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.9 Ensure That Compute Instances Do Not Have Public IP AddressesCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

5.1 Ensure Only Administrative Users Have Full Database AccessCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 DatabaseMySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.1 Ensure Only Administrative Users Have Full Database AccessCIS MySQL 8.4 Enterprise v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

5.1 Use secure RealmsCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL

5.1 Use secure RealmsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL

5.2 Ensure 'FILE' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 DatabaseMySQLDB

ACCESS CONTROL

6.3.7 Ensure that the 'contained database authentication' database flag for Cloud SQL on the SQL Server instance is not set to 'on'CIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

6.6 Ensure That Cloud SQL Database Instances Do Not Have Public IPsCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

17.6.1 Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

17.6.2 Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY