Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure that the --anonymous-auth argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.1.11 Ensure that the admission control policy is set to DenyEscalatingExec	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	ACCESS CONTROL
1.1.19 Ensure that the --token-auth-file parameter is not set	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.1.32 Ensure that the admission control policy is set to NodeRestriction	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	ACCESS CONTROL
1.4.2 Ensure that the API server pod specification file ownership is set to root:root	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.4.7 Ensure that the etcd pod specification file permissions are set to 644 or more restrictive	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.4.9 Ensure that the Container Network Interface file permissions are set to 644 or more restrictive	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.4.10 Ensure that the Container Network Interface file ownership is set to root:root	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.4.11 Ensure that the etcd data directory permissions are set to 700 or more restrictive	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix
1.4.12 Ensure that the etcd data directory ownership is set to etcd:etcd	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix
1.4.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure that the --cert-file and --key-file arguments are set as appropriate - ca-file	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.5.2 Ensure that the --client-cert-auth argument is set to true	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.5.7 Ensure that the --wal-dir argument is set as appropriate	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	AUDIT AND ACCOUNTABILITY
2.1.1 Ensure that the --allow-privileged argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	ACCESS CONTROL
2.1.3 Ensure that the --authorization-mode argument is not set to AlwaysAllow	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	ACCESS CONTROL
2.1.5 Ensure that the --read-only-port argument is set to 0	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.13 Ensure that the --cadvisor-port argument is set to 0	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.14 Ensure that the RotateKubeletClientCertificate argument is not set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
5.2 Ensure External File System Access is disabled - enable file access	CIS Sybase 15.0 L1 DB v1.1.0	SybaseDB
18.8.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION
18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	MEDIA PROTECTION
18.9.19.1 (L1) Ensure 'Turn off desktop gadgets' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.43.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'	CIS Microsoft Windows 10 Stand-alone v3.0.0 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.44.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.44.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
CIS_Amazon_Linux_2023_v1.0.0_L2_Server.audit from CIS Amazon Linux 2023 Benchmark v1.0.0	CIS Amazon Linux 2023 Server L2 v1.0.0	Unix
CIS_Apache_Tomcat_8_L1_v1.1.0.audit from CIS Apache Tomcat 8 Benchmark	CIS Apache Tomcat 8 L1 v1.1.0	Unix
CIS_Debian_Linux_11_v2.0.0_L1_Workstation.audit from CIS Debian Linux 11 Benchmark v2.0.0	CIS Debian Linux 11 v2.0.0 L1 Workstation	Unix
CIS_Debian_Linux_12_v1.1.0_L1_Server.audit from CIS Debian Linux 12 Benchmark v1.1.0	CIS Debian Linux 12 v1.1.0 L1 Server	Unix
CIS_Debian_Linux_12_v1.1.0_L2_Server.audit from CIS Debian Linux 12 Benchmark v1.1.0	CIS Debian Linux 12 v1.1.0 L2 Server	Unix
CIS_IBM_DB2_9_Benchmark_v3.0.1_Level_2_OS_Windows.audit from CIS IBM DB2 9 Benchmark v3.0.1	CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows	Windows
CIS_MongoDB_3.2_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB 3.2 Benchmark v1.0.0	CIS MongoDB 3.2 L1 Unix Audit v1.0.0	Unix
CIS_MongoDB_3.2_Benchmark_Level_2_OS_Unix_v1.0.0.audit from CIS MongoDB 3.2 Benchmark v1.0.0	CIS MongoDB 3.2 L2 Unix Audit v1.0.0	Unix
CIS_MongoDB_3.4_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB 3.4 Benchmark v1.0.0	CIS MongoDB 3.4 L1 Windows Audit v1.0.0	Windows
CIS_Oracle_Linux_7_v4.0.0_L2_Workstation.audit from CIS Oracle Linux 7 Benchmark v4.0.0	CIS Oracle Linux 7 v4.0.0 L2 Workstation	Unix
CIS_Oracle_Linux_9_v2.0.0_L2_Workstation.audit from CIS Oracle Linux 9 Benchmark v2.0.0	CIS Oracle Linux 9 v2.0.0 L2 Workstation	Unix
CIS_Rocky_Linux_9_v2.0.0_L1_Server.audit from CIS Rocky Linux 9 Benchmark v2.0.0	CIS Rocky Linux 9 v2.0.0 L1 Server	Unix
CIS_Rocky_Linux_9_v2.0.0_L1_Workstation.audit from CIS Rocky Linux 9 Benchmark v2.0.0	CIS Rocky Linux 9 v2.0.0 L1 Workstation	Unix
CIS_Ubuntu_20.04_LTS_v2.0.1_L2_Server.audit from CIS Ubuntu Linux 20.04 LTS Benchmark	CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1	Unix
CIS_Ubuntu_20.04_LTS_v2.0.1_L2_Workstation.audit from CIS Ubuntu Linux 20.04 LTS Benchmark	CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1	Unix
CIS_VMware_ESXi_6.5_v1.0.0_L1_Bare_Metal.audit from CIS VMware ESXi 6.5 v1.0.0 benchmark	CIS VMware ESXi 6.5 v1.0.0 Level 2 Bare Metal	Unix
CIS_VMware_ESXi_7.0_v1.4.0_L1_Bare_Metal.audit from CIS VMware ESXi 7.0 Benchmark v1.4.0	CIS VMware ESXi 7.0 v1.4.0 L1 Bare Metal	Unix

Detections

Analytics

Item Search