Detections
Analytics

Item Search

NameAudit NamePluginCategory
1 - Application specific logging - ${jetty.base}/start.ini --module=loggingTNS Best Practice Jetty 9 LinuxUnix
1 - Remove or Disable Example Content - ExampleDSTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

1.1 Ensure the appropriate MongoDB software version/patches are installedCIS MongoDB 3.4 Database Audit L1 v1.0.0MongoDB

CONFIGURATION MANAGEMENT

2.1 Ensure Authentication is configuredCIS MongoDB 6 v1.2.0 L1 MongoDBWindows

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure Authentication is configuredCIS MongoDB 8 v1.0.0 L1 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

3 - Audit Logging - LoggerTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

3 - Configure log file size limit - org.eclipse.jetty.server.handler.RequestLogHandlerTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

4 - Restrict access to $JETTY_HOME - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

5 - AuthenticationTNS Best Practice Jetty 9 LinuxUnix
7 - SSL implementation - start.ini --module=deployTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.ini --module=httpTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.ini --module=sslTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.jar --module=deployTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.jar --module=httpTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.jar --module=sslTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8 - Management IP - .htacess existsTNS Best Practice Jetty 9 LinuxUnix
8 - Management IP - review $jetty_home/contexts xml fileTNS Best Practice Jetty 9 LinuxUnix
10 - Access Control - Security RealmsTNS Best Practice Jetty 9 LinuxUnix
10 - Enable SSL ConnectorTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

11 - JSP RegenerationTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

12 - Remove and mask informational headers - JSP ConfigurationTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

12 - Remove and mask informational headers - Server Property OverrideTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

12 - Restrict access to logs directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - SSL Encryption - Modify WSDL AddressTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - ORB Subsystem - Security-Domain SetTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

17 - Restrict access to JETTY.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

17 - Restrict access to JETTY.properties - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

22 - Use secure RealmsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/ROOT/adminTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/webdavTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

27 - Ensure SSLEnabled is set to True for Sensitive Connectors - SSLEnabledTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

27 - Ensure SSLEnabled is set to True for Sensitive Connectors - SSLEngineTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

28 - Ensure scheme is set accuratelyTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

29 - Ensure secure is set to true only for SSL-enabled ConnectorsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

30 - Ensure sslProtocol is set to TLS for Secure ConnectorTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

34 - Ensure Web content directory is on a separate partition from the system filesTNS Best Practice Jetty 9 LinuxUnix
35 - Do not allow custom header status messagesTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

36 - Configure connectionTimeoutTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

37 - Configure maxHttpHeaderSizeTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

38 - Force SSL for all applicationsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

39 - Increase the entropy in session identifiersTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

40 - Do not allow symbolic linkingTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

41 - Do not run applications as privilegedTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

45 - Restrict runtime access to sensitive packagesTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

OL07-00-030201 - The Oracle Linux operating system must be configured to off-load audit logs onto a different system or storage media from the system being audited.DISA Oracle Linux 7 STIG v3r5Unix

AUDIT AND ACCOUNTABILITY

WN19-DC-000300 - Windows Server 2019 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA).DISA Microsoft Windows Server 2019 STIG v3r8Windows

IDENTIFICATION AND AUTHENTICATION