Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Ensure NGINX is installedCIS NGINX Benchmark v2.1.0 L1 WebserverUnix

SYSTEM AND SERVICES ACQUISITION

1.5.1.1 Ensure message of the day is configured properlyCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

2.1.1.2 Ensure chrony is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

2.1.2 Verify Backups are GoodCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on LinuxUnix

CONTINGENCY PLANNING

2.1.3 Secure Backup CredentialsCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on LinuxUnix

ACCESS CONTROL, CONTINGENCY PLANNING, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.6 Backup of Configuration and Related FilesCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on LinuxUnix

CONTINGENCY PLANNING

2.4 Do Not Reuse UsernamesCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

2.4 Do Not Reuse UsernamesCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

2.4 Do Not Reuse UsernamesCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

2.4 Ensure 'Protect RE' Firewall Filter includes explicit terms for all ProtocolsCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Do Not Reuse UsernamesCIS MySQL 8.4 Enterprise v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

2.5 Do Not Reuse UsernamesCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

ACCESS CONTROL

2.5 Do Not Reuse UsernamesCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 DatabaseMySQLDB

ACCESS CONTROL

2.5 Do Not Reuse UsernamesCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

2.11 Lock Out Accounts if Not Currently in UseCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 DatabaseMySQLDB

ACCESS CONTROL

2.11 Lock Out Accounts if Not Currently in UseCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 DatabaseMySQLDB

ACCESS CONTROL

2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured CorrectlyCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 DatabaseMySQLDB

SYSTEM AND SERVICES ACQUISITION

2.16 Require Client-Side Certificates (X.509)CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 DatabaseMySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Control access to audit records - /etc/security/audit_controlCIS Apple macOS 10.12 L1 v1.2.0Unix
3.4 Control access to audit records - /var/auditCIS Apple macOS 10.12 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure journald is configured to write logfiles to persistent diskCIS Bottlerocket L1Unix

AUDIT AND ACCOUNTABILITY

4.3.2.9 Ensure mrouted is not in useCIS IBM AIX 7 v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

5.5 Ensure The Use Of SYS* Privileges Is AuditedCIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

AUDIT AND ACCOUNTABILITY

5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative UsersCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 DatabaseMySQLDB

ACCESS CONTROL

5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

ACCESS CONTROL

5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative UsersCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative UsersCIS MySQL 8.4 Enterprise v1.0.0 L1 DatabaseMySQLDB

ACCESS CONTROL

5.8 Ensure 'REPLICATION SLAVE' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.8 Ensure 'REPLICATION SLAVE' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.8 Ensure 'REPLICATION SLAVE' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.8 Ensure 'REPLICATION SLAVE' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

7.1 Wireless technology on OS XCIS Apple OSX 10.11 El Capitan L2 v1.1.0Unix
7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - '@@global.sql_mode'CIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - '@@session.sql_mode'CIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

7.3 Ensure Passwords are Set for All MySQL AccountsCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB

IDENTIFICATION AND AUTHENTICATION

DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle base directory file permissions are correct'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

CONFIGURATION MANAGEMENT

DG0195-ORACLE11 - DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems - 'root is not a mamber of the oracle group'DISA STIG Oracle 11 Installation v9r1 LinuxUnix

ACCESS CONTROL

DO3538-ORACLE11 - The Oracle REMOTE_OS_AUTHENT parameter should be set to FALSE - 'remote_os_authent = false'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
ICMP: Do not return Proxy ARP requestsTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

JBOS-AS-000045 - Silent Authentication must be removed from the Default Application Security Realm.DISA JBoss EAP 6.3 STIG v2r5Unix

ACCESS CONTROL

JBOS-AS-000050 - Silent Authentication must be removed from the Default Management Security Realm.DISA JBoss EAP 6.3 STIG v2r5Unix

ACCESS CONTROL

JBOS-AS-000240 - Remote access to JMX subsystem must be disabled.DISA JBoss EAP 6.3 STIG v2r5Unix

CONFIGURATION MANAGEMENT

MYS8-00-009700 - The MySQL Database Server 8.0 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

O112-BP-021900 - The Oracle REMOTE_OS_AUTHENT parameter must be set to FALSE.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

CONFIGURATION MANAGEMENT

RHEL-06-000505 - The operating system must conduct backups of system-level information contained in the information system per organization defined frequency to conduct backups that are consistent with recovery time and recovery point objectives.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Full-text Filter Daemon Launcher'DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Browser'DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT