Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4 Ensure the default value of individual salt per vm is configuredCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.2 Ensure GDM login banner is configured - banner message enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.2 Ensure GDM login banner is configured - system-db:gdmCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5 Ensure 'Ole Automation Procedures' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.16 Ensure no login exists with the name 'sa'CIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1 Ensure 'Idle timeout' is less than or equal to 10 minutes for Configuration utility sessionsCIS F5 Networks v1.0.0 L1F5

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.1 Ensure IP forwarding is disabled - ipv4 /etc/sysctl.conf /etc/sysctl.d/*CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.1 Ensure IP forwarding is disabled - ipv6 /etc/sysctl.conf /etc/sysctl.d/*CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.2 Ensure packet redirect sending is disabled - all sysctlCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.16 Ensure 'debug_print_parse' is disabledCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabledCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.18 Ensure 'debug_print_plan' is disabledCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.18 Ensure 'debug_print_plan' is disabled - debug_print_plan is disabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctlyCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctly - log_hostname is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure IP forwarding is disabled - ipv4 sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure IP forwarding is disabled - ipv6 sysctl.conf sysctl.dCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure source routed packets are not accepted - files 'net.ipv4.conf.all.accept_source_route = 0'CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure source routed packets are not accepted - files 'net.ipv4.conf.default.accept_source_route = 0'CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure source routed packets are not accepted - files 'net.ipv6.conf.default.accept_source_route = 0'CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects'CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects'CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects'CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects'CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.all.accept_redirects= 0CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.default.accept_redirects= 0CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.3 Ensure secure ICMP redirects are not accepted - net.ipv4.conf.all.secure_redirects = 0CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.7 Ensure Reverse Path Filtering is enabled - files net.ipv4.conf.default.rp_filter = 1CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.default.accept_ra = 0CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure legacy TLS protocols are disabledCIS MongoDB 5 L2 OS Windows v1.2.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure Prelogin 'Login Banner' is set - EnabledCIS F5 Networks v1.0.0 L1F5

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'Idle timeout' is less than or equal to 10 minutes for tmsh sessionsCIS F5 Networks v1.0.0 L1F5

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5 Ensure excessive function privileges are revokedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5 Ensure excessive function privileges are revokedCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.7 Make use of predefined rolesCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.11 Ensure SSH HostbasedAuthentication is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.1 Ensure password expiration is 365 days or less - usersCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defsCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.3 Ensure password expiration warning days is 7 or more - login.defsCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure root login is restricted to system consoleCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure root login is restricted to system consoleCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND SERVICES ACQUISITION

6.1.11 Ensure no unowned files or directories existCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.3.6 Ensure '3625 (trace flag)' database flag for all Cloud SQL Server instances is set to 'on'CIS Google Cloud Platform v3.0.0 L1GCP

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.5.1 Ensure VM limits are configured correctly - Mem Share LevelCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION