Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Enable 'aaa authentication enable default'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.4.2 Set 'buffer size'CIS Cisco IOS XR 7.x v1.0.1 L1Cisco

AUDIT AND ACCOUNTABILITY

2.1.1.1.1 Set the 'hostname'CIS Cisco IOS 12 L1 v4.0.0Cisco

CONFIGURATION MANAGEMENT

2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2 Set 'buffer size' for 'logging buffered'CIS Cisco IOS XE 17.x v2.2.1 L1Cisco

AUDIT AND ACCOUNTABILITY

2.2.2 Set 'buffer size' for 'logging buffered'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.2.4 Set IP address for 'logging host'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY

3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled'MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.3.1.4 Ensure net.ipv4.conf.all.send_redirects is configuredCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.4 Ensure net.ipv4.conf.all.send_redirects is configuredCIS Rocky Linux 10 v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.4 Ensure net.ipv4.conf.all.send_redirects is configuredCIS Rocky Linux 8 v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.4 Ensure net.ipv4.conf.all.send_redirects is configuredCIS AlmaLinux OS 10 v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.4 Ensure net.ipv4.conf.all.send_redirects is configuredCIS AlmaLinux OS 10 v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.1.5 Ensure net.ipv4.conf.default.send_redirects is configuredCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.5 Ensure net.ipv4.conf.default.send_redirects is configuredCIS Oracle Linux 8 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configuredCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configuredCIS Rocky Linux 10 v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configuredCIS Rocky Linux 8 v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configuredCIS Oracle Linux 10 v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configuredCIS Oracle Linux 8 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Red Hat Enterprise Linux 10 v1.0.1 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Red Hat Enterprise Linux 8 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Rocky Linux 10 v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Rocky Linux 8 v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Oracle Linux 10 v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Oracle Linux 8 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS AlmaLinux OS 8 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

4.3.1 Control Plane ACL ManagementCIS HPE Aruba Networking CX Switch v1.0.1 L2ArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

CISC-ND-000550 - The Cisco switch must be configured to enforce a minimum 15-character password length.DISA Cisco IOS Switch NDM STIG v3r7Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000550 - The Cisco switch must be configured to enforce a minimum 15-character password length.DISA Cisco IOS XE Switch NDM STIG v3r6Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources.DISA Cisco NX OS Switch NDM STIG v3r6Cisco

AUDIT AND ACCOUNTABILITY

CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).DISA Cisco NX OS Switch NDM STIG v3r6Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000391 - The Cisco perimeter switch must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces.DISA Cisco IOS Switch RTR STIG v3r3Cisco

CONFIGURATION MANAGEMENT

CISC-RT-000391 - The Cisco perimeter switch must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces.DISA Cisco NX OS Switch RTR STIG v3r4Cisco

CONFIGURATION MANAGEMENT

DNS Profile - Address - DNS Server 1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Huawei: HTTPS Server requires SSL policyTNS Huawei VRP Best Practice AuditHuawei

SYSTEM AND COMMUNICATIONS PROTECTION

JUNI-ND-000110 - The Juniper router must be configured to automatically audit account disabling actions.DISA STIG Juniper Router NDM v3r2Juniper

ACCESS CONTROL

JUNI-ND-000150 - The Juniper router must be configured to enforce the limit of three consecutive invalid logon attempts after which time lock out the user account from accessing the device for 15 minutes.DISA STIG Juniper Router NDM v3r2Juniper

ACCESS CONTROL

JUNI-ND-000210 - The Juniper router must be configured to protect against an individual falsely denying having performed organization-defined actions to be covered by non-repudiation.DISA STIG Juniper Router NDM v3r2Juniper

AUDIT AND ACCOUNTABILITY

JUNI-RT-000381 - The Juniper perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces.DISA STIG Juniper Router RTR v3r2Juniper

CONFIGURATION MANAGEMENT

Management Access Policy - HTTPS - Allow CredentialsTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Management Access Policy - HTTPS - SSL Protocols - TLSv1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Management Access Policy - HTTPS - SSL Protocols - TLSv1.1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Management Access Policy - SSH - MACs - hmac-sha1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Number of recent user passwords to storeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Change Interval (hours)Tenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Policies - Pod - Date and Time Policy - Administrative StateTenable Cisco ACICisco_ACI
SNMP Destination - v3 Security levelTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-000470 - Stack tracing must be disabled.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT