Item Search

NameAudit NamePluginCategory
1.1.2 (L1) Ensure two emergency access accounts have been definedCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL

1.3.1 Ensure 'Enforce user logon restrictions' is set to 'Enabled' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or LessCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or LessCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL

2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

3.1.1 Client certificate authentication should not be used for usersCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

3.3 Ensure 'PASSWORD_LIFE_TIME + PASSWORD_GRACE_TIME' Is Less Than Or Equal To '365'CIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

ACCESS CONTROL

3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

3.12 (L1) Host must lock an account after a specified number of failed login attemptsCIS VMware ESXi 8.0 v1.2.0 L1VMware

ACCESS CONTROL

4.2.20 Ensure SSH LoginGraceTime is set to one minute or lessCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

ACCESS CONTROL

4.4.2.1.2 Ensure password failed attempts lockout is configuredCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.4.3.1.1 Ensure password failed attempts lockout is configuredCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.4.3.1.1 Ensure password failed attempts lockout is configuredCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.4.3.1.3 Ensure password failed attempts lockout includes root accountCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

ACCESS CONTROL

4.5.2 Ensure lockout for failed password attempts is configuredCIS Amazon Linux 2023 Server L1 v1.0.0Unix

ACCESS CONTROL

5.1.5 Ensure an Inventory of user accounts is established and maintainedCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL

5.3.2.1.1 Ensure password failed attempts lockout is configuredCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.3.1.2 Ensure password unlock time is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.3.1.3 Ensure password failed attempts lockout includes root accountCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

ACCESS CONTROL

5.3.3.1.3 Ensure password failed attempts lockout includes root accountCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.3.3.1.3 Ensure password failed attempts lockout includes root accountCIS Red Hat Enterprise Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.5.2 Ensure lockout for failed password attempts is configuredCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.3.2 Ensure that guest users are reviewed on a regular basisCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL

7.2.11 (L1) Ensure the SharePoint default sharing link permission is setCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL

8.5.2 (L1) Ensure anonymous users and dial-in callers can't start a meetingCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL

8.5.4 (L1) Ensure users dialing in can't bypass the lobbyCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL

8.5.5 (L2) Ensure meeting chat does not allow anonymous usersCIS Microsoft 365 Foundations v5.0.0 L2 E5microsoft_azure

ACCESS CONTROL

18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

18.10.12.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

Authentication: a backup remote authentication server is availableTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

ACCESS CONTROL

Big Sur - Disable Guest Access to Shared SMB FoldersNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL

Big Sur - Disable Guest Access to Shared SMB FoldersNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL

Big Sur - Disable Guest Access to Shared SMB FoldersNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL

Big Sur - Disable Guest Access to Shared SMB FoldersNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

ACCESS CONTROL

Monterey - Disable Guest Access to Shared SMB FoldersNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

ACCESS CONTROL

Monterey - Disable Guest Access to Shared SMB FoldersNIST macOS Monterey v1.0.0 - 800-171Unix

ACCESS CONTROL

Monterey - Disable Guest Access to Shared SMB FoldersNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL