Item Search

Name	Audit Name	Plugin	Category
1.4.4 Remove SETroubleshoot	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	SYSTEM AND INFORMATION INTEGRITY
1.5.3 Set Boot Loader Password	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	CONFIGURATION MANAGEMENT
1.7 Set lockout thresholds	CIS Sybase 15.0 L2 DB v1.1.0	SybaseDB
1.7.3 Ensure 'SSL AES 256 encryption' is set for HTTPS access	CIS Cisco Firewall ASA 9 L1 v4.1.0	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
1.8.1 Ensure 'console session timeout' is less than or equal to '5' minutes	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	CONFIGURATION MANAGEMENT
2.1 Disable Local-only Graphical Login Environment	CIS Solaris 11.1 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.3.5 Ensure sudo authentication timeout is configured correctly	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Red Hat EL8 Server L1 v3.0.0	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Rocky Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Oracle Linux 8 Server L1 v3.0.0	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS AlmaLinux OS 8 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Oracle Linux 8 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS CentOS Linux 7 v4.0.0 L1 Workstation	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation	Unix	ACCESS CONTROL
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
5.2.6 Ensure sudo authentication timeout is configured correctly	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server	Unix	ACCESS CONTROL
5.2.6 Ensure sudo authentication timeout is configured correctly	CIS Rocky Linux 9 v2.0.0 L1 Workstation	Unix	ACCESS CONTROL
5.2.6 Ensure sudo authentication timeout is configured correctly	CIS Oracle Linux 9 v2.0.0 L1 Workstation	Unix	ACCESS CONTROL
5.2.6 Ensure sudo authentication timeout is configured correctly	CIS AlmaLinux OS 9 v2.0.0 L1 Server	Unix	ACCESS CONTROL
5.2.6 Ensure sudo authentication timeout is configured correctly	CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation	Unix	ACCESS CONTROL
5.2.6 Ensure sudo authentication timeout is configured correctly	CIS Rocky Linux 9 v2.0.0 L1 Server	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth sufficient pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900'	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [success=1 default=bad] pam_unix.so'	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth sufficient pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.6 Ensure sudo authentication timeout is configured correctly	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL
5.3.6 Ensure sudo authentication timeout is configured correctly	CIS Fedora 28 Family Linux Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.3.6 Ensure sudo authentication timeout is configured correctly	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=on-failure	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page	CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0	Palo_Alto	AUDIT AND ACCOUNTABILITY
Allow only approved domains to use the TDC ActiveX control - Restricted Sites Zone	MSCT Windows 10 1803 v1.0.0	Windows	CONFIGURATION MANAGEMENT
Allow only approved domains to use the TDC ActiveX control - Restricted Sites Zone	MSCT Windows 10 1809 v1.0.0	Windows	CONFIGURATION MANAGEMENT
CISC-RT-000260 - The Cisco perimeter switch must be configured to only allow incoming communications from authorized sources to be routed to authorized destinations.	DISA STIG Cisco IOS Switch RTR v3r1	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000470 - The Cisco BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM).	DISA Cisco IOS Router RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.	DISA Cisco IOS Router RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.	DISA Cisco IOS XE Router RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
GEN005190 - The .Xauthority files must not have extended ACLs.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
MADB-10-006200 - MariaDB must automatically terminate a user's session after organization-defined conditions or trigger events requiring session disconnect.	DISA MariaDB Enterprise 10.x v2r3 DB	MySQLDB	ACCESS CONTROL
OL6-00-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - modprobe	DISA STIG Oracle Linux 6 v2r7	Unix	AUDIT AND ACCOUNTABILITY
OL6-00-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - module b32	DISA STIG Oracle Linux 6 v2r7	Unix	AUDIT AND ACCOUNTABILITY
PHTN-67-000044 - The Photon operating system must audit all account modifications - groupmod	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	AUDIT AND ACCOUNTABILITY
PHTN-67-000044 - The Photon operating system must audit all account modifications - usermod	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	AUDIT AND ACCOUNTABILITY
PHTN-67-000047 - The Photon operating system must audit all account removal actions - userdel	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - /sbin/insmod.	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	AUDIT AND ACCOUNTABILITY
RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - delete_module 32 bit	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	AUDIT AND ACCOUNTABILITY
RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - delete_module 64 bit	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	AUDIT AND ACCOUNTABILITY
RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - init_module 64 bit	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	AUDIT AND ACCOUNTABILITY
SLES-15-040220 - The SUSE operating system must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes.	DISA SUSE Linux Enterprise Server 15 STIG v2r4	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search