Item Search

Name	Audit Name	Plugin	Category
Fortigate - Admin password lockout >= 300 seconds	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Admin password lockout threshold - '1-3'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Admin SCP - 'disabled'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Alert Emails - 'admin address'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND INFORMATION INTEGRITY
Fortigate - Antispam License - Not Expired	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Disable auto USB installation - 'config'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Disable SSHv1 admin access	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - DNS - primary server	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - DNS - secondary server	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - Does not use self-signed certificate - 'user'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Encrypt logs sent to FortiAnalyzer/FortiManager	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - External Logging - 'fortianalyzer2'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - External Logging - 'fortianalyzer3'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Fortianalyzer2 Logs - severity 'information'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Fortianalyzer3 Logs - severity 'information'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Log user authentication messages	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Login Banner - post-login-banner	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - NTP server configuration - *.ntp.org	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Password Complexity - 1 non-alphanum character	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Password Complexity - 1 uppercase letter	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Password Complexity - at least 1 char	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Password Complexity - length >= 8	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Password Expiry date <= 30 days	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - RADIUS, LDAP, or TACACS+ response wait period	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Review and disable unused interfaces	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - SNMP is enabled	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - SNMP v3 uses SHA instead of MD5	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - Syslog2 Logging - severity 'information'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Syslogd Logging - severity 'information'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Use non default admin access ports - 'HTTPS'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Use non default admin access ports - 'SSH'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Webfilter License - Not Expired	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Wireless-activity event logging	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Salesforce.com : AuthConfig - 'Auth Providers = Facebook'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Key'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Key'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Secret'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Issuer'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Secret'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Default Scope'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - No SSO Auth Providers have been configured	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	IDENTIFICATION AND AUTHENTICATION
Salesforce.com : CronTrigger - 'Cron Jobs with Status of BLOCKED'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : Email Services - 'AddressInactiveAction != 2'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : Email Services - 'FunctionInactiveAction != 2'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : Setting Session Security - 'Enable clickjack protection for setup pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Setting Session Security - 'Enable CSRF protection on GET requests on non-setup pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Setting Session Security - 'Force relogin after Login-As-User = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Review Users that have not changed their password recently'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Session Timeout <= 2 hours'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : User Access - Users have only been modified by known administrators	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL

Detections

Analytics

Item Search