Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.8 Ensure that the --repair-malformed-updates argument is set to falseCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.13 Ensure that the admission control policy is set to NamespaceLifecycleCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

ACCESS CONTROL

1.1.22 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - kubelet-client-certificateCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the admission control policy is set to ServiceAccountCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

ACCESS CONTROL

1.1.28 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - tls-private-key-fileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.30 Ensure that the --etcd-cafile argument is set as appropriateCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.36 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-file contentsCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

AUDIT AND ACCOUNTABILITY

1.1.36 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-file parameterCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

AUDIT AND ACCOUNTABILITY

1.1.37 Ensure that the --request-timeout argument is set as appropriateCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.1 Ensure that the --profiling argument is set to falseCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.3.5 Ensure that the --root-ca-file argument is set as appropriateCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.3.7 Ensure that the RotateKubeletServerCertificate argument is set to trueCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.3 Ensure that the controller manager pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.15 Ensure that the scheduler.conf file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.6.3 Create administrative boundaries between resources using namespacesCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

ACCESS CONTROL

2.3.11.6 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' - Send NTLMv2 response only. Refuse LM & NTLMCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.8.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.1.9 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.3.9 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.3.9 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS Control 13 (13.6) Encrypt Mobile Device DataCAS Implementation Group 1 Audit FileUnix

ACCESS CONTROL

CIS_Apache_Tomcat_9_L2_v1.2.0.audit from CIS Apache Tomcat 9 BenchmarkCIS Apache Tomcat 9 L2 v1.2.0Unix
CIS_CentOS_Linux_7_v4.0.0_L1_Workstation.audit from CIS CentOS Linux 7 Benchmark v4.0.0CIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix
CIS_CentOS_Linux_7_v4.0.0_L2_Server.audit from CIS CentOS Linux 7 Benchmark v4.0.0CIS CentOS Linux 7 v4.0.0 L2 ServerUnix
CIS_Cisco_IOS_15_v4.1.1_Level_1.audit from CIS Cisco IOS 15 BenchmarkCIS Cisco IOS 15 L1 v4.1.1Cisco
CIS_Debian_Linux_9_Workstation_v1.0.1_L1.audit from CIS Debian Linux 9 BenchmarkCIS Debian 9 Workstation L2 v1.0.1Unix
CIS_Debian_Linux_10_v2.0.0_L2_Workstation.audit from CIS Debian Linux 10 Benchmark v2.0.0CIS Debian Linux 10 v2.0.0 L2 WorkstationUnix
CIS_Debian_Linux_11_v2.0.0_L2_Workstation.audit from CIS Debian Linux 11 Benchmark v2.0.0CIS Debian Linux 11 v2.0.0 L2 WorkstationUnix
CIS_Google_Chrome_L1_v3.0.0.audit from CIS Google Chrome Benchmark v3.0.0CIS Google Chrome L1 v3.0.0Windows
CIS_Google_Chrome_L2_v3.0.0.audit from CIS Google Chrome Benchmark v3.0.0CIS Google Chrome L2 v3.0.0Windows
CIS_IBM_DB2_9_Benchmark_v3.0.1_Level_1_OS_Linux.audit from CIS IBM DB2 9 Benchmark v3.0.1CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
CIS_IBM_DB2_11_v1.1.0_Level_1_OS_Windows.audit from CIS IBM DB2 11 v1.1.0 BenchmarkCIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows
CIS_Linux_Mint_22_v1.0.0_L1_Workstation.audit from CIS Linux Mint 22 Benchmark v1.0.0CIS Linux Mint 22 v1.0.0 L1 WorkstationUnix
CIS_Microsoft_Edge_v3.0.0_L2.audit from CIS Microsoft Edge Benchmark v3.0.0CIS Microsoft Edge v3.0.0 L2Windows
CIS_Oracle_Database_23ai_v1.1.0_L1_RDBMS_On_Windows_Server_Host_OS_Windows.audit from CIS Oracle Database 23ai Benchmark v1.1.0CIS Oracle Database 23ai v1.1.0 L1 RDBMS On Windows Server Host OS WindowsWindows
CIS_Oracle_Linux_8_v4.0.0_L1_Server.audit from CIS Oracle Linux 8 Benchmark v4.0.0CIS Oracle Linux 8 v4.0.0 L1 ServerUnix
CIS_Oracle_Linux_10_v1.0.0_L1_Server.audit from CIS Oracle Linux 10 Benchmark v1.0.0CIS Oracle Linux 10 v1.0.0 L1 ServerUnix
CIS_Oracle_Server_12c_v3.0.0_L1_Linux.audit from CIS Oracle Database 12c Benchmark v3.0.0CIS Oracle Server 12c Linux v3.0.0Unix
CIS_Rocky_Linux_8_v3.0.0_L1_Workstation.audit from CIS Rocky Linux 8 Benchmark v3.0.0CIS Rocky Linux 8 v3.0.0 L1 WorkstationUnix
CIS_Rocky_Linux_9_v2.0.0_L1_Workstation.audit from CIS Rocky Linux 9 Benchmark v2.0.0CIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix
CIS_Rocky_Linux_9_v2.0.0_L2_Server.audit from CIS Rocky Linux 9 Benchmark v2.0.0CIS Rocky Linux 9 v2.0.0 L2 ServerUnix
CIS_Rocky_Linux_10_v1.0.0_L2_Server.audit from CIS Rocky Linux 10 Benchmark v1.0.0CIS Rocky Linux 10 v1.0.0 L2 ServerUnix
CIS_VMware_ESXi_6.7_v1.3.0_L2_Bare_Metal.audit from CIS VMware ESXi 6.7 Benchmark v1.3.0CIS VMware ESXi 6.7 v1.3.0 Level 2 Bare MetalUnix