Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4 SNMP Security - c) SNMP Security Protection FunctionTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Log AuditingTenable ZTE ROSNGZTE_ROSNG

AUDIT AND ACCOUNTABILITY

1.8 SSH Strong Algorithm - i) Disable diffie-hellman group-exchange-sha1Tenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.8 SSH Strong Algorithm - k) Disable hmac sha1Tenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 SSL Strong Algorithm - d) renegotiateTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

2.3 Disable the Proxy ARP Function - a) No proxyTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

2.3 Disable the Proxy ARP Function - c) No proxy localTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

10 - Enable SSL ConnectorTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

12 - Remove and mask informational headers - Server Property OverrideTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Disable TelnetTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Adtran : Enable aaaTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Enable security mode on virtual access point (VAP)TNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Ensure a trusted, primary DNS server is setTNS Adtran AOS Best Practice AuditAdtran

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Ensure a trusted, secondary DNS server is setTNS Adtran AOS Best Practice AuditAdtran

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Admin password lockout threshold - '1-3'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Disable SSHv1 admin accessTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - DNS - primary serverTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - DNS - secondary serverTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Encrypt logs sent to FortiAnalyzer/FortiManagerTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - External Logging - 'fortianalyzer3'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Fortianalyzer2 Logs - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Fortianalyzer3 Logs - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Log user authentication messagesTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - NTP server configuration - *.ntp.orgTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Password Complexity - 1 non-alphanum characterTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Review and disable unused interfacesTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Use non default admin access ports - 'SSH'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Wireless-activity event loggingTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Huawei: Configure appropriate External Syslog serverTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: Enable AAA accountingTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: Simple Password Authentication is not used.TNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

PANW-AG-000064 - The Palo Alto Networks security platform must send an immediate (within seconds) alert to the system administrator, at a minimum, in response to malicious code detection - within seconds alert to the system administrator, at a minimum, in response to malicious code detectionDISA STIG Palo Alto ALG v3r4Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

RHEL-09-431016 - RHEL 9 must elevate the SELinux context when an administrator calls the sudo command.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

ACCESS CONTROL

Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers in use'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND INFORMATION INTEGRITY

Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Lock session to IP = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Session Security - 'Review Salesforce console User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review user types'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Work.com User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT