Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Ensure Snowflake SCIM integration is configured to automatically provision and deprovision users and groups (i.e. roles)CIS Snowflake Foundations v1.0.0 L2Snowflake

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.3 Ensure no 'root' user account access key existsCIS Amazon Web Services Foundations v5.0.0 L1amazon_aws

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.3.3 Ensure that the --use-service-account-credentials argument is set to trueCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

1.3.3 Ensure that the --use-service-account-credentials argument is set to trueCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

1.3.3 Ensure that the --use-service-account-credentials argument is set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

1.3.3 Ensure that the --use-service-account-credentials argument is set to trueCIS Kubernetes v1.11.1 L1 Master NodeUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that IP addresses are mapped to usernames - User ID AgentsCIS Palo Alto Firewall 9 v1.1.0 L2Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.1 Ensure that IP addresses are mapped to usernames - ZonesCIS Palo Alto Firewall 9 v1.1.0 L2Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only)CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only)CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.6.1 Ensure Guest Account Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

3.5 Review Superuser/Admin Roles - clusterAdminCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Review Superuser/Admin Roles - dbAdminAnyDatabaseCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Review Superuser/Admin Roles - dbOwnerCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Review Superuser/Admin Roles - hostManagerCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Review Superuser/Admin Roles - readWriteAnyDatabaseCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Review Superuser/Admin Roles - userAdminCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.5 Review Superuser/Admin Roles - userAdminAnyDatabaseCIS MongoDB 4 L2 DB v1.0.0MongoDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.3 Minimize wildcard use in Roles and ClusterRolesCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.3 Ensure Guest Account Is DisabledCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

6.1.3 Ensure Guest Account Is DisabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

6.1.3 Ensure Guest Account Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

6.1.3 Ensure Guest Account Is DisabledCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

6.15 Ensure that 'Guest users access restrictions' is set to 'Guest user access is restricted to properties and memberships of their own directory objects'CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.16 Ensure that 'Guest invite restrictions' is set to 'Only users assigned to specific admin roles can invite guest users'CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

6.17 Ensure that 'Restrict access to Microsoft Entra admin center' is set to 'Yes'CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.23 Ensure that no custom subscription administrator roles existCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.24 Ensure that a custom role is assigned permissions for administering resource locksCIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

9.1.1 (L1) Ensure guest user access is restrictedCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

9.1.1 (L1) Ensure guest user access is restrictedCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

9.1.8 (L1) Ensure enabling of external data sharing is restrictedCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

9.1.8 (L1) Ensure enabling of external data sharing is restrictedCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

9.3.6 Ensure that Role Based Access Control for Azure Key Vault is enabledCIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

9.3.7 Ensure that Public Network Access when using Private Endpoint is disabledCIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.4 v2.2.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Big Sur - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Catalina - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION