Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.26 Ensure that the --etcd-cafile argument is set as appropriateCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.27 Ensure that the --encryption-provider-config argument is set as appropriateCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.29 Ensure that encryption providers are appropriately configuredCIS Red Hat OpenShift Container Platform v1.8.0 L1 OpenShiftOpenShift

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.29 Ensure that the --encryption-provider-config argument is set as appropriateCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.30 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.33 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.1.1 Ensure Critical Data is Encrypted with Microsoft Managed Keys (MMK)CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Red Hat OpenShift Container Platform v1.8.0 L1 OpenShiftOpenShift

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure Binary and Relay Logs are EncryptedCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure Binary and Relay Logs are EncryptedCIS MySQL 8.0 Community Database L2 v1.1.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure that encryption-at-rest is enabled for RDS instancesCIS Amazon Web Services Foundations v5.0.0 L1amazon_aws

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.8 (L1) Host must require TPM-based configuration encryptionCIS VMware ESXi 8.0 v1.2.0 L1VMware

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure rotation for customer-created symmetric CMKs is enabledCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.26 (L1) Host must enable the highest version of TLS supportedCIS VMware ESXi 8.0 v1.2.0 L1VMware

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Ensure yearly rekeying is enabled for a Snowflake accountCIS Snowflake Foundations v1.0.0 L2Snowflake

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Ensure AES encryption key size used to encrypt files stored in internal stages is set to 256 bitsCIS Snowflake Foundations v1.0.0 L1Snowflake

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 6 v1.2.0 L2 MongoDBUnix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 6 v1.2.0 L2 MongoDBWindows

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Old Password Versions Are Not UsedCIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.1 Ensure File System Level encryption is enabledCIS IBM AIX 7 v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS MySQL 5.7 Community Database L2 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMSMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS MySQL 8.0 Community Database L2 v1.1.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.11 Ensure That Compute Instances Have Confidential Computing EnabledCIS Google Cloud Platform Foundation v4.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure Kubernetes Secrets are encrypted using keys managed in Cloud KMSCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.6.1 Enable Customer-Managed Encryption Keys (CMEK) for GKE Persistent Disks (PD)CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.9.1 Enable Customer-Managed Encryption Keys (CMEK) for GKE Persistent Disks (PD)CIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.9.2 Enable Customer-Managed Encryption Keys (CMEK) for Boot DisksCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensured 'HashPassword' is set in UsernameToken WS-Security policyCIS IBM WebSphere Liberty v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.6 Ensure Binary and Relay Logs are EncryptedCIS MariaDB 10.6 on Linux L2 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.6 Ensure Binary and Relay Logs are EncryptedCIS MariaDB 10.6 Database L2 v1.1.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.11 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1.1.3 Ensure the storage account containing the container with activity logs is encrypted with Customer Managed Key (CMK)CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure Database Backups are EncryptedCIS SQL Server 2017 Database L2 DB v1.3.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure Database Backups are EncryptedCIS SQL Server 2016 Database L2 DB v1.4.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure Databases are Encrypted with TDECIS SQL Server 2016 Database L2 DB v1.4.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure Databases are Encrypted with TDECIS SQL Server 2017 Database L2 DB v1.3.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure that swarm manager is run in auto-lock modeCIS Docker v1.8.0 L1 Docker SwarmUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.2.1 Encrypt the DatabaseCIS IBM DB2 11 v1.1.0 Database Level 2IBM_DB2DB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 11 v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION