Item Search

NameAudit NamePluginCategory
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

3.1.1 Client certificate authentication should not be used for usersCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

3.1.1 Client certificate authentication should not be used for usersCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

3.3 Ensure 'PASSWORD_LIFE_TIME + PASSWORD_GRACE_TIME' Is Less Than Or Equal To '365'CIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

ACCESS CONTROL

3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

4.3 Ensure the maximum failed login attempts is set to 5CIS VMware ESXi 6.7 v1.3.0 Level 1VMware

ACCESS CONTROL

4.4 Lock Out Accounts if Not Currently in UseCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

4.4.2.1.2 Ensure password failed attempts lockout is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.4.2.1.2 Ensure password failed attempts lockout is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.4.2.1.3 Ensure password unlock time is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.4.2.1.3 Ensure password unlock time is configuredCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.4.2.1.3 Ensure password unlock time is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

4.4.2.1.4 Ensure password failed attempts lockout includes root accountCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL

4.4.2.1.4 Ensure password failed attempts lockout includes root accountCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL

4.4.2.1.4 Ensure password failed attempts lockout includes root accountCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL

4.4.3.1.1 Ensure password failed attempts lockout is configuredCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.4.3.1.3 Ensure password failed attempts lockout includes root accountCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

ACCESS CONTROL

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

ACCESS CONTROL

5.3.2.1.2 Ensure password unlock time is configuredCIS SUSE Linux Enterprise 15 v2.0.1 L1 WorkstationUnix

ACCESS CONTROL

5.3.2.1.3 Ensure password failed attempts lockout includes root accountCIS SUSE Linux Enterprise 15 v2.0.1 L2 WorkstationUnix

ACCESS CONTROL

5.3.2.2 Ensure pam_faillock module is enabledCIS Debian Linux 12 v1.1.0 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.1 Ensure password failed attempts lockout is configuredCIS Debian Linux 11 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.1 Ensure password failed attempts lockout is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.1 Ensure password failed attempts lockout is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.3.1.1 Ensure password failed attempts lockout is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupCIS Debian 8 Workstation L1 v2.0.2Unix

ACCESS CONTROL

6.3.2 Ensure that guest users are reviewed on a regular basisCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL

18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL

18.10.12.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

18.10.12.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

20.45 Ensure 'Outdated or unused accounts are removed or disabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

Big Sur - Disable Guest Access to Shared SMB FoldersNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL

Monterey - Disable Guest Access to Shared SMB FoldersNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL

Monterey - Disable Guest Access to Shared SMB FoldersNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

ACCESS CONTROL