Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure the appropriate MongoDB software version/patches are installedCIS MongoDB 6 v1.2.0 L1 MongoDBUnix

CONFIGURATION MANAGEMENT

1.1.1.2 Configure AAA Authentication - Local SSH keysCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL

1.2.4 Ensure Exec Timeout for Console Sessions is set for less than 10CIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

1.6.4 Configure NTP AuthenticationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.7 (L1) Host integrated hardware management controller must enable remote logging of eventsCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

1.11 (L2) Host hardware must secure unused external hardware portsCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

2.1 (L1) Host must run software that has not reached End of General Support statusCIS VMware ESXi 8.0 v1.2.0 L1VMware

SYSTEM AND SERVICES ACQUISITION

2.3.36.1.1 Ensure 'Conversion Service Options' is set to 'Enabled: Do not allow to use Microsoft Conversion Service'CIS Microsoft Office Enterprise v1.2.0 L2Windows

CONFIGURATION MANAGEMENT

2.3.36.2.1 Ensure 'Online Content Options' is set to 'Enabled: Do not allow Office to connect to the Internet'CIS Microsoft Office Enterprise v1.2.0 L2Windows

CONFIGURATION MANAGEMENT

2.5.1.2.3 Ensure 'Enable RPC encryption' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.10.6.1.2 Ensure 'Do not allow folders in non-default stores to be set as folder home pages' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.5.10.8.3.2 Ensure 'Read signed e-mail as plain text' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L2Windows

CONFIGURATION MANAGEMENT

2.5.14.1.1 Ensure 'Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.5.14.3.1.6 Ensure 'Remove file extensions blocked as Level 2' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.5.14.3.3.3 Ensure 'Configure Outlook object model prompt When accessing the Formula property of a UserProperty object' is set to 'Enabled: Automatically Deny'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.14.4.1 Ensure 'Allow hyperlinks in suspected phishing e-mail messages' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.6.5.2 Ensure 'Disable Slide Update' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L2Windows

CONFIGURATION MANAGEMENT

2.6.6.6.2.2.2 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.6.6.2.3.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.6.6.6.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.6.6.6.2.9 Ensure 'VBA Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND SERVICES ACQUISITION

2.11 (L1) Host must use sufficient entropy for cryptographic operationsCIS VMware ESXi 8.0 v1.2.0 L1Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

2.12 (L2) Host must enable volatile key destructionCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

3.1 (L1) Host should deactivate SSHCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.1.4.1 If VLAN interfaces have IP addreses, configure anti spoofing / ingress filtering protectionsCIS Cisco NX-OS v1.2.0 L1Cisco

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2 (L1) Host must deactivate the ESXi shellCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.2.3 Disable Proxy ARP on all Layer 3 InterfacesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Configure DHCP TrustCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.11 (L1) Host must enforce password complexityCIS VMware ESXi 8.0 v1.2.0 L1VMware

IDENTIFICATION AND AUTHENTICATION

3.21 (L2) Host should enable strict lockdown modeCIS VMware ESXi 8.0 v1.2.0 L2VMware

ACCESS CONTROL

3.24 (L1) Host must display a login banner for the DCUI and Host ClientCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

4.1 (L1) Host must configure a persistent log location for all locally stored system logsCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

4.1 Ensure legacy TLS protocols are disabledCIS MongoDB 6 v1.2.0 L2 MongoDBUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.9 (L1) Host must transmit audit records to a remote log collectorCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 6 v1.2.0 L1 MongoDBUnix

AUDIT AND ACCOUNTABILITY

5.4 Ensure that new entries are appended to the end of the log fileCIS MongoDB 6 v1.2.0 L2 MongoDBUnix

AUDIT AND ACCOUNTABILITY

6.5.8 (L1) Host SSH daemon, if enabled, must ignore .rhosts filesCIS VMware ESXi 8.0 v1.2.0 L1Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

7.6 (L1) Virtual machines must limit console sharing.CIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.15 (L2) Virtual machines must remove unnecessary CD/DVD devicesCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

7.16 (L1) Virtual machines must remove unnecessary floppy devicesCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

7.22 (L1) Virtual machines must deactivate virtual disk wiping operationsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.23 (L1) Virtual machines must restrict sharing of memory pages with other VMsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8.2 (L1) VMware Tools must have all software updates installedCIS VMware ESXi 8.0 v1.2.0 L1VMware

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

8.7 (L1) VMware Tools must deactivate GlobalConf unless requiredCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8.9 (L2) VMware Tools must deactivate Appinfo information gathering unless requiredCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

CIS_Apache_Tomcat_8_L2_v1.1.0.audit from CIS Apache Tomcat 8 BenchmarkCIS Apache Tomcat 8 L2 v1.1.0Unix
CIS_Apache_Tomcat_10_L1_v1.1.0.audit from CIS Apache Tomcat 10 BenchmarkCIS Apache Tomcat 10 L1 v1.1.0Unix
CIS_Apache_Tomcat_10_L2_v1.1.0.audit from CIS Apache Tomcat 10 BenchmarkCIS Apache Tomcat 10 L2 v1.1.0Unix
CIS_Bottlerocket_v1.0.0_L1.audit from CIS Bottlerocket Benchmark Level 1CIS Bottlerocket L1Unix
CIS_Debian_Linux_9_Server_v1.0.1_L1.audit from CIS Debian Linux 9 BenchmarkCIS Debian 9 Server L1 v1.0.1Unix