Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1.12 Ensure 'Add-on Management' is set to Enabled - mspub.exeCIS Microsoft Office 2016 v1.1.0Windows

CONFIGURATION MANAGEMENT

1.2.1.12 Ensure 'Add-on Management' is set to Enabled - powerpnt.exeCIS Microsoft Office 2016 v1.1.0Windows

CONFIGURATION MANAGEMENT

1.2.1.12 Ensure 'Add-on Management' is set to Enabled - spDesign.exeCIS Microsoft Office 2016 v1.1.0Windows

CONFIGURATION MANAGEMENT

1.4 Ensure latest version of Cassandra is installedCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure latest version of Cassandra is installedCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

1.8.7.2.6 Ensure 'Require That Application Add-ins Are Signed By Trusted Publisher' to EnabledCIS Microsoft Office Word 2013 v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

1.8.7.2.6 Ensure 'Require That Application Add-ins Are Signed By Trusted Publisher' to EnabledCIS Microsoft Office Word 2016 v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.01 Installation - 'Try to ensure that no other users are connected while installing Oracle 11g'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows
2.2.2 Ensure time set is within appropriate limitsCIS Apple macOS 10.13 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

3.4.4.2.4 Ensure iptables default deny firewall policyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.4 Ensure ip6tables default deny firewall policyCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - FORWARDCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - FORWARDCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - FORWARDCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - INPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - INPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - OUTPUTCIS CentOS 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.108 - Unauthorized registry paths and sub-paths are remotely accessible.DISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS AlmaLinux OS 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Amazon Linux 2023 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

6.3.3.11 Ensure session initiation information is collectedCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.11 Ensure session initiation information is collectedCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.11 Ensure session initiation information is collectedCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

12.33 Event and System Logs - 'Monitor'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows
AOSX-15-000015 - The macOS system must utilize an Endpoint Security Solution (ESS) and implement all DoD required modules.DISA STIG Apple Mac OSX 10.15 v1r10Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-07-010340 - The Red Hat Enterprise Linux operating system must be configured so that users must provide a password for privilege escalation.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010342 - The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using 'sudo' - sudo.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-010470 - The Red Hat Enterprise Linux operating system must not allow a non-certificate trusted host SSH logon to the system.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021020 - The Red Hat Enterprise Linux operating system must prevent files with the setuid and setgid bit set from being executed on file systems that are being imported via Network File System (NFS).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-030910 - The Red Hat Enterprise Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-040620 - The Red Hat Enterprise Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040712 - The Red Hat Enterprise Linux operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

SLES-12-010290 - The SUSE operating system must employ user passwords with a maximum lifetime of 60 days.DISA SLES 12 STIG v3r2Unix

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000080 - Splunk Enterprise must use LDAPS for the LDAP connection.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

IDENTIFICATION AND AUTHENTICATION

VCENTER-000016 - Log files must be cleaned up after failed installations of the vCenter Server.DISA STIG VMWare ESXi vCenter 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT