Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of squashfs filesystems is disabledCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.3 Ensure mounting of FAT filesystems is limitedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmodCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.2 Ensure /tmp is configured - mountCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.20 Ensure sticky bit is set on all world-writable directoriesCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4 (L2) Ensure the default value of individual salt per vm is configuredCIS VMware ESXi 7.0 v1.5.0 L2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.1 Ensure core dumps are restricted - limits.conf limits.dCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.1 Ensure core dumps are restricted - sysctlCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1.1 Ensure message of the day is configured properlyCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.2 Ensure GDM login banner is configured - banner textCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8 Ensure the System is Managed by a Mobile Device Management (MDM) SoftwareCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.9 Ensure the System is Managed by a Mobile Device Management (MDM) SoftwareCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.4 Ensure Login Window Displays as Name and Password Is EnabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15.1 Audit Notification & Focus SettingsCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15.1 Audit Notification & Focus SettingsCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.18.1 Ensure On-Device Dictation Is EnabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.8 Ensure SSH HostbasedAuthentication is disabledCIS Amazon Linux 2023 Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.19 Ensure SSH MaxStartups is configuredCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.19 Ensure SSH MaxStartups is configuredCIS Debian 10 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.2 Ensure password expiration is 365 days or lessCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.10.19.2 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.1 Ensure cron daemon is enabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.4 Ensure SSH Protocol is set to 2CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.2 Ensure lockout for failed password attempts is configuredCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.2.2 Ensure pam_faillock module is enabledCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.3 Ensure password expiration warning days is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure access to the su command is restricted - /etc/groupCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.9 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.10 Ensure the Guest Home Folder Does Not ExistCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.12 Ensure no ungrouped files or directories existCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.24 (L1) Virtual machines must not be able to obtain host information from the hypervisorCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.3.2 (L1) Ensure use of the VM console is limitedCIS VMware ESXi 7.0 v1.5.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.5.1 (L2) Ensure VM limits are configured correctlyCIS VMware ESXi 7.0 v1.5.0 L2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.6 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.8 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION