Item Search

NameAudit NamePluginCategory
1.10 Do not create access keys during initial setup for IAM users with a console passwordCIS Amazon Web Services Foundations v5.0.0 L1amazon_aws

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

1.13 Ensure 'Smart Lock' is set to DisabledMobileIron - CIS Google Android 7 v1.0.0 L2MDM

CONFIGURATION MANAGEMENT

3.1 Ensure each Auto-Scaling Group has an associated Elastic Load BalancerCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

3.1.13 Ensure the correct SQL statements generating errors are recordedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.14 Ensure the correct SQL statements generating errors are recordedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.5 Ensure CloudTrail logs are encrypted at rest using KMS CMKsCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Secure MySQL Keyring - keyring_okv_pathCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.13 Ensure Web Tier Auto-Scaling Group has an associated Elastic Load BalancerCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

3.14 Ensure App Tier Auto-Scaling Group has an associated Elastic Load BalancerCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

4.2 Ensure a SNS topic is created for sending out notifications from RDS events - RDS Event SubscriptionsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.4 Rebuild the images to include security patchesCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

6.11 Ensure a route table for the public subnets is createdCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.12 Ensure a route table for the private subnets is createdCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.20 Ensure Web tier Security Group has no inbound rules for CIDR of 0 (Global Allow)CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

7.14 System information backup to remote computersCIS Apple macOS 10.13 L2 v1.1.0Unix

CONTINGENCY PLANNING

7.15 System information backup to remote computersCIS Apple macOS 10.12 L2 v1.2.0Unix

CONTINGENCY PLANNING

9.11 Check Groups in passwd(4)CIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

9.11 Check Groups in passwd(4)CIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

9.12 Check That Users Are Assigned Home DirectoriesCIS Solaris 11.1 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

9.12 Check That Users Are Assigned Home DirectoriesCIS Solaris 11 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.12 Check That Users Are Assigned Home DirectoriesCIS Solaris 11.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.14 Check That Users Are Assigned Home DirectoriesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

9.21 Find World Writable FilesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

9.21 Find World Writable FilesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

9.22 Find World Writable FilesCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

9.24 Find Files and Directories with Extended AttributesCIS Solaris 11.2 L1 v1.1.0Unix
EX13-MB-000180 - Exchange Receive connectors must control the number of recipients per message.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000190 - The Exchange Receive Connector Maximum Hop Count must be 60.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000225 - The Exchange Outbound Connection Limit per Domain Count must be controlled.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-ED-000200 - Exchange Outbound Connection Limit per Domain Count must be controlled.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-ED-000270 - Exchange Receive connector Maximum Hop Count must be 60.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-ED-000500 - Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-ED-000500 - Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-ED-000510 - The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-MB-000320 - Exchange Mail Quota settings must not restrict receiving mail.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-MB-000360 - Exchange Receive connectors must control the number of recipients per message.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000111 - Exchange Outbound Connection limit per Domain Count must be controlled.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000137 - Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

SYSTEM AND INFORMATION INTEGRITY

EX19-MB-000125 - The Exchange Receive Connector Maximum Hop Count must be 60.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-MB-000132 - The Exchange Outbound Connection Timeout must be 10 minutes or less.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 15'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 104'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 117'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 132'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 171'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 176'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

TNS_IBM_HTTP_Server_Linux_Best_Practice_Middleware.auditTNS IBM HTTP Server Best Practice MiddlewareUnix