Item Search

Name	Audit Name	Plugin	Category
AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands.	DISA STIG AIX 7.x v3r1	Unix	IDENTIFICATION AND AUTHENTICATION
AOSX-13-000606 - The macOS system must not use unencrypted FTP.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	IDENTIFICATION AND AUTHENTICATION
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	CONFIGURATION MANAGEMENT
AOSX-15-002031 - The macOS system must be configured to disable the system preference pane for iCloud.	DISA STIG Apple Mac OSX 10.15 v1r10	Unix	CONFIGURATION MANAGEMENT
APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.	DISA STIG Apple macOS 11 v1r5	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider.	DISA STIG Apple macOS 11 v1r8	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
CISC-ND-001210 - The Cisco switch must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions.	DISA STIG Cisco IOS Switch NDM v3r2	Cisco	MAINTENANCE
EP11-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users.	EDB PostgreSQL Advanced Server v11 DB Audit v2r4	PostgreSQLDB	CONFIGURATION MANAGEMENT
ESXI-65-000011 - The ESXi host SSH daemon must be configured to use only the SSHv2 protocol.	DISA STIG VMware vSphere ESXi OS 6.5 v2r4	Unix	ACCESS CONTROL
ESXI-65-000047 - The ESXi Image Profile and VIB Acceptance Levels must be verified.	DISA STIG VMware vSphere ESXi OS 6.5 v2r4	Unix	CONFIGURATION MANAGEMENT
EX13-MB-000265 - Exchange servers must have an approved DoD email-aware virus protection software installed.	DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3	Windows	SYSTEM AND INFORMATION INTEGRITY
EX16-ED-000570 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable.	DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6	Windows	SYSTEM AND INFORMATION INTEGRITY
EX16-MB-000530 - Exchange servers must have an approved DoD email-aware virus protection software installed.	DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6	Windows	SYSTEM AND INFORMATION INTEGRITY
JUNI-ND-001190 - The Juniper router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions.	DISA STIG Juniper Router NDM v3r2	Juniper	MAINTENANCE
JUNI-RT-000310 - The Juniper perimeter router must be configured to restrict it from accepting outbound IP packets that contain an illegitimate address in the source address field via egress filter or by enabling Unicast Reverse Path Forwarding (uRPF).	DISA STIG Juniper Router RTR v3r2	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
MD3X-00-000250 - MongoDB software installation account must be restricted to authorized users.	DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS	Unix	CONFIGURATION MANAGEMENT
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures.	DISA STIG Oracle 11.2g v2r5 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
O121-C1-011100 - Oracle software must be evaluated and patched against newly found vulnerabilities.	DISA STIG Oracle 12c v3r2 Database	OracleDB	CONFIGURATION MANAGEMENT
O121-C2-001800 - The system must employ automated mechanisms for supporting Oracle user account management.	DISA STIG Oracle 12c v3r2 Database	OracleDB	ACCESS CONTROL
O365-CO-000002 - Document metadata for rights managed Office Open XML files must be protected.	DISA STIG Microsoft Office 365 ProPlus v3r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000241 - OHS must use FIPS modules to encrypt passwords during transmission.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OL6-00-000008 - Vendor-provided cryptographic certificates must be installed to verify the integrity of system software.	DISA STIG Oracle Linux 6 v2r7	Unix	CONFIGURATION MANAGEMENT
OL6-00-000214 - The rshd service must not be running - PROCESS_CHECK	DISA STIG Oracle Linux 6 v2r7	Unix	ACCESS CONTROL
OL6-00-000216 - The rexecd service must not be running - CHKCONFIG	DISA STIG Oracle Linux 6 v2r7	Unix	ACCESS CONTROL
OL07-00-040390 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use the SSHv2 protocol.	DISA Oracle Linux 7 STIG v3r2	Unix	IDENTIFICATION AND AUTHENTICATION
PGS9-00-000800 - If passwords are used for authentication, PostgreSQL must transmit only encrypted representations of passwords.	DISA STIG PostgreSQL 9.x on RHEL OS v2r5	Unix	IDENTIFICATION AND AUTHENTICATION
RHEL-06-000008 - Vendor-provided cryptographic certificates must be installed to verify the integrity of system software.	DISA Red Hat Enterprise Linux 6 STIG v2r2	Unix	CONFIGURATION MANAGEMENT
RHEL-07-020050 - The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.	DISA Red Hat Enterprise Linux 7 STIG v3r15	Unix	CONFIGURATION MANAGEMENT
SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support.	DISA SLES 15 STIG v2r2	Unix	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed.	DISA SLES 15 STIG v2r2	Unix	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
SQL6-D0-000100 - SQL Server databases must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.	DISA STIG SQL Server 2016 Database Audit v3r2	MS_SQLDB	ACCESS CONTROL
SQL6-D0-003400 - SQL Server must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.	DISA STIG SQL Server 2016 Database Audit v3r2	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
SQL6-D0-008300 - Confidentiality of information during transmission is controlled through the use of an approved TLS version.	DISA STIG SQL Server 2016 Instance OS Audit v3r4	Windows	IDENTIFICATION AND AUTHENTICATION
UBTU-16-030900 - The system must use a DoD-approved virus scan program.	DISA STIG Ubuntu 16.04 LTS v2r3	Unix	SYSTEM AND INFORMATION INTEGRITY
VCPG-70-000011 - VMware Postgres must be configured to use Transport Layer Security (TLS).	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission.	Oracle WebLogic Server 12c Linux v2r2	Unix	IDENTIFICATION AND AUTHENTICATION
WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security	DISA IBM WebSphere Traditional 9 Windows STIG v1r1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
WN10-UR-000065 - The Debug programs user right must only be assigned to the Administrators group.	DISA Microsoft Windows 10 STIG v3r4	Windows	ACCESS CONTROL
WN12-AD-000001-DC - Active Directory data files must have proper access control permissions.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	ACCESS CONTROL
WN12-AD-000005-DC - Domain created Active Directory Organizational Unit (OU) objects must have proper access control permissions.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	ACCESS CONTROL
WN12-CC-000116 - The Windows Installer Always install with elevated privileges option must be disabled.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-RG-000001 - Standard user accounts must only have Read permissions to the Winlogon registry key.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-SO-000055-MS - Named pipes that can be accessed anonymously must be configured to contain no values on member servers.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000065 - The system must be configured to prevent the storage of the LAN Manager hash of passwords.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-UR-000012 - The Create a token object user right must not be assigned to any groups or accounts.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN16-AC-000090 - Windows Server 2016 reversible password encryption must be disabled.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	IDENTIFICATION AND AUTHENTICATION
WN19-CC-000210 - Windows Server 2019 Autoplay must be turned off for non-volume devices.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN19-DC-000080 - Windows Server 2019 Active Directory SYSVOL directory must have the proper access control permissions.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	ACCESS CONTROL
WN19-DC-000110 - Windows Server 2019 organization created Active Directory Organizational Unit (OU) objects must have proper access control permissions.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	ACCESS CONTROL
WN19-DC-000290 - Windows Server 2019 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA).	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search