Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1 Turn off Bluetooth, if no paired devices existCIS Apple OSX 10.9 L1 v1.3.0Unix
2.2.26 Ensure ldap_tls_cacert is set for LDAP - configCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

2.2.26 Ensure ldap_tls_cacert is set for LDAP - fileCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

2.2.27 Ensure ldap_id_use_start_tls is set for LDAP.CIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 4 L1 OS Linux v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 5 L1 OS Windows v1.2.0Windows

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 5 L1 OS Linux v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 4 L1 OS Windows v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

6.21 Ensure that 'Wildfire Inline ML' on antivirus profiles are set to enable for all file typesCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

9.1.3.5 Ensure that 'File Integrity Monitoring' component status is set to 'On'CIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

RISK ASSESSMENT

18.9.47.9.2 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.47.9.2 Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.47.9.2 Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.2 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.10.2 Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.2 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.3 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.3 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.3 (L1) Ensure 'Turn off real-time protection' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

ALMA-09-043140 - AlmaLinux OS 9 must implement DOD-approved encryption in the bind package.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

Buffer overflow protection should be configured 'LimitRequestFieldsize'TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

Buffer overflow protection should be configured 'LimitRequestline'TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

CASA-VN-000630 - The Cisco ASA remote access VPN server must be configured to use SHA-2 at 384 bits or greater for hashing to protect the integrity of IPsec remote access sessions.DISA STIG Cisco ASA VPN v2r2Cisco

ACCESS CONTROL

CGI-BIN directory should be disabled. 'AddModule mod_env.c'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

DG0086-ORACLE11 - DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0086-ORACLE11 - DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
Encryption protocols such as https should be usedTNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-001100 - The EDB Postgres Advanced Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

AUDIT AND ACCOUNTABILITY

FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected - enc-algorithmDISA Fortigate Firewall STIG v1r3FortiGate

SYSTEM AND INFORMATION INTEGRITY

FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set modeDISA Fortigate Firewall STIG v1r3FortiGate

SYSTEM AND INFORMATION INTEGRITY

JUNI-ND-000990 - The Juniper router must be configured to generate an alert for all audit failure events.DISA STIG Juniper Router NDM v3r2Juniper

AUDIT AND ACCOUNTABILITY

Latest Patches/Fixes should be installedTNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

Limit HTTP methods allowed by the Web Server.TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined'TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

Logging Directives should be restricted to authorized users. - 'LogLevel notice'TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

Non-Essential modules should be disabled. 'mod_dav'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_info'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_userdir'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Port securityArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-07-020022 - The Red Hat Enterprise Linux operating system must not allow privileged accounts to utilize SSH.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-09-651020 - RHEL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

CONFIGURATION MANAGEMENT

Server version information parameters should be turned off - 'ServerSignature Off'TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

StartServers parameter value should be appropriately configured.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Timeout value parameter value should be appropriately configuredTNS IBM HTTP Server Best Practice MiddlewareUnix

ACCESS CONTROL

Turn off real-time protectionMSCT Windows 10 v22H2 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Turn off real-time protectionMSCT Windows Server 2022 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY