Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4 Ensure Databases running on RDS have encryption at rest enabledCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

1.4 Ensure MFA is enabled for the 'root' user accountCIS Amazon Web Services Foundations v5.0.0 L1amazon_aws

IDENTIFICATION AND AUTHENTICATION

2.2.2 Ensure administrator password retries and lockout time are configuredCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL

3.9 Secure MySQL Keyring - keyring_aws_conf_fileCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.9 Secure MySQL Keyring - keyring_encrypted_file_data_pathCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.9 Secure MySQL Keyring - keyring_file_data_pathCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.9 Secure MySQL Keyring - keyring_file_data_pathCIS MySQL 5.7 Community Windows OS L1 v2.0.0Windows

ACCESS CONTROL, MEDIA PROTECTION

3.10 Secure MySQL Keyring - keyring_aws_conf_fileCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.10 Secure MySQL Keyring - keyring_encrypted_file_data_pathCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.10 Secure MySQL Keyring - keyring_file_data_pathCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0Windows

ACCESS CONTROL, MEDIA PROTECTION

3.10 Secure MySQL Keyring - keyring_file_data_pathCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

3.10 Secure MySQL Keyring - keyring_okv_pathCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling Groups - CloudwatchAlarmsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND INFORMATION INTEGRITY

4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling Groups - List SNS SubscriptionsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL

4.2 Ensure a SNS topic is created for sending out notifications from RDS events - List SNS SubscriptionsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL

4.4 Rebuild the images to include security patchesCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.6 Ensure AWS Management Console authentication failures are monitoredCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

AUDIT AND ACCOUNTABILITY

7.15 System information backup to remote computersCIS Apple macOS 10.12 L2 v1.2.0Unix

CONTINGENCY PLANNING

9.14 Check That Users Are Assigned Home DirectoriesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

9.25 Find Files and Directories with Extended AttributesCIS Solaris 11.1 L1 v1.0.0Unix
9.25 Find Files and Directories with Extended AttributesCIS Solaris 11 L1 v1.1.0Unix
EX13-EG-000135 - Exchange Receive connector Maximum Hop Count must be 60.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-EG-000250 - Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX13-EG-000255 - The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-ED-000500 - Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-ED-000510 - The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-MB-000320 - Exchange Mail Quota settings must not restrict receiving mail.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000112 - Exchange receive connector maximum hop count must be 60.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000138 - The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

SYSTEM AND INFORMATION INTEGRITY

EX19-MB-000127 - Exchange receive connectors must control the number of recipients per message.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-070060 - Groups assigned to users must exist in the /etc/group file.DISA STIG Solaris 11 SPARC v3r1Unix

CONFIGURATION MANAGEMENT

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 20'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 102'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 104'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 105'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 106'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 107'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 108'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 109'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 111'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 113'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 116'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 130'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 133'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 135'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 152'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 170'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 172'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 173'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 178'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL