Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.8.10 Ensure XDCMP is not enabledCIS Debian Linux 10 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

1.8.10 Ensure XDMCP is not enabledCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.10.5 Ensure 'logging history severity level' is set to greater than or equal to '5'CIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.6 Ensure 'logging history severity level' is set to greater than or equal to '5'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

1.13.5 Ensure 'Allow Active X One Off Forms' is set to Enabled:Load only Outlook ControlsCIS Microsoft Office Outlook 2013 v1.1.0 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.362 OL08-00-040320CIS Oracle Linux 8 STIG v1.0.0 CAT IIUnix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 10.1 v1.1.0 L2Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 7 L2 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 7 L2 v1.1.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 11 v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

3.1.3 - AirWatch - Set the 'minimum password length'AirWatch - CIS Apple iOS 9 v1.0.0 L1MDM

IDENTIFICATION AND AUTHENTICATION

3.1.3 - MobileIron - Set the 'minimum password length'MobileIron - CIS Apple iOS 9 v1.0.0 L1MDM

IDENTIFICATION AND AUTHENTICATION

3.3.2.2 Set 'ip ospf message-digest-key md5'CIS Cisco IOS 15 L2 v4.1.1Cisco

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.2 Ensure password reuse is limitedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure password reuse is limitedCIS Debian Family Server L1 v1.0.0Unix

ACCESS CONTROL

5.3.3 Ensure password reuse is limitedCIS Debian Family Workstation L1 v1.0.0Unix

ACCESS CONTROL

5.3.3 Ensure password reuse is limitedCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.4 Ensure password reuse is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.14 Ensure 'on-failure' container restart policy is set to '5' - RestartPolicyNameCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS 12 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 17 v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 17 v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-18-011000 - Apple iOS/iPadOS 18 must implement the management setting: disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 18 v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-18-011000 - Apple iOS/iPadOS 18 must implement the management setting: disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 18 v2r2MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIX7-00-002129 - If Bourne / ksh shell is used, AIX must display logout messages.DISA STIG AIX 7.x v3r1Unix

ACCESS CONTROL

ALMA-09-022240 - AlmaLinux OS 9 must have the gnutls-utils package installed.DISA Cloud Linux AlmaLinux OS 9 STIG v1r6Unix

CONFIGURATION MANAGEMENT

BIND-9X-001410 - On a BIND 9.x server, all root name servers listed in the local root zone file hosted on a BIND 9.x authoritative name server must be empty or removed.DISA BIND 9.x STIG v3r1Unix

CONFIGURATION MANAGEMENT

BIND-9X-001430 - The BIND 9.x server implementation must implement internal/external role separation.DISA BIND 9.x STIG v3r1Unix

CONFIGURATION MANAGEMENT

CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity.DISA Cisco NX OS Switch NDM STIG v3r6Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000260 - The Cisco perimeter switch must be configured to only allow incoming communications from authorized sources to be routed to authorized destinations.DISA Cisco IOS Switch RTR STIG v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

DISA_STIG_JBoss_EAP_6.3_v2r6.audit from DISA JBoss Enterprise Application Platform 6.3 v2r6 STIGDISA JBoss Enterprise Application Platform 6.3 STIG v2r6Unix
Ensure 'console session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

IDENTIFICATION AND AUTHENTICATION

ESXi: esxi-8.account-lockoutVMware vSphere Security Configuration and Hardening GuideVMware

ACCESS CONTROL

MADB-10-006200 - MariaDB must automatically terminate a user's session after organization-defined conditions or trigger events requiring session disconnect.DISA MariaDB Enterprise 10.x v2r4 DBMySQLDB

ACCESS CONTROL

MD3X-00-000330 - If passwords are used for authentication, MongoDB must store only hashed, salted representations of passwords.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

IDENTIFICATION AND AUTHENTICATION

OL09-00-002350 - OL 9 SSH daemon must disable remote X connections for interactive users.DISA Oracle Linux 9 STIG v1r5Unix

CONFIGURATION MANAGEMENT

Rackspace Database Backups - Every DB instance backed up since the last scan.Tenable Best Practices RackSpace v2.0.0Rackspace

CONTINGENCY PLANNING

RHEL-09-215080 - RHEL 9 must have the gnutls-utils package installed.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

CONFIGURATION MANAGEMENT

RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

CONFIGURATION MANAGEMENT

SLEM-05-253045 - SLEM 5 must be configured to use TCP syncookies.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION