Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Ensure 'Host headers' are on all sitesCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure 'global authorization rule' is set to restrict accessCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

2.2.29 (L1) Configure 'Log on as a service'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.29 Configure 'Log on as a service'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3 Ensure 'forms authentication' require SSL - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure 'forms authentication' require SSL - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure 'forms authentication' is set to use cookies - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotelyCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabled - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.7 Ensure 'cookies' are set with HttpOnly attributeCIS IIS 8.0 v1.5.1 Level 1Windows

ACCESS CONTROL

3.7 Ensure 'cookies' are set with HttpOnly attribute - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure 'MachineKey validation method - .Net 4.5' is configuredCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Ensure global .NET trust level is configuredCIS IIS 8.0 v1.5.1 Level 1Windows

ACCESS CONTROL

3.10 Ensure global .NET trust level is configured - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

3.11 Ensure X-Powered-By Header is removed - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

CONFIGURATION MANAGEMENT

3.11 Ensure X-Powered-By Header is removed - DefaultCIS IIS 10 v1.2.1 Level 2Windows

CONFIGURATION MANAGEMENT

4.1.2.2 Ensure Home directories access is configuredCIS IBM AIX 7 v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'maxURL request filter' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'maxURL request filter' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'MaxQueryString request filter' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.4 Ensure non-ASCII characters in URLs are not allowed - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.6 Ensure 'HTTP Trace Method' is disabled - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.8 Ensure Handler is not granted Write and Script/Execute - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.8 Ensure Handler is not granted Write and Script/Execute - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.2.4 Ensure Complex Password Must Contain Numeric Character Is ConfiguredCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure Complex Password Must Contain Special Character Is ConfiguredCIS Apple macOS 10.15 Catalina v3.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

6.1 Ensure FTP requests are encryptedCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure FTP requests are encrypted - Control Channel DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure FTP requests are encrypted - Control Channel SitesCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure FTP Logon attempt restrictions is enabledCIS IIS 8.0 v1.5.1 Level 1Windows
6.2 Ensure FTP Logon attempt restrictions is enabledCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

7.1 Ensure HSTS Header is setCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure SSLv3 is DisabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure TLS 1.0 is disabledCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure TLS 1.1 is DisabledCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.6 Ensure TLS 1.2 is EnabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.8 Ensure DES Cipher Suites is DisabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure RC4 Cipher Suites is Disabled - RC4 64/128CIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure RC4 Cipher Suites is Disabled - RC4 128/128CIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.13 Ensure AES 256/256 Cipher Suite is enabled - EnabledCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.14 Ensure TLS Cipher Suite ordering is configuredCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000241 - The IIS 8.5 private website have a server certificate issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 8.5 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000262 - Interactive scripts on the IIS 8.5 web server must have restrictive access controls.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT