Item Search

Name	Audit Name	Plugin	Category
1.3.7 Ensure 'Required Password Change Period' is less than or equal to 90 days	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	ACCESS CONTROL
2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.2.17 (L1) Ensure 'Deny log on as a batch job' to include 'Guests'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.2.17 Ensure 'Deny log on as a batch job' to include 'Guests'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.2.18 Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.3.1.1 (L1) Ensure 'Accounts: Administrator account status' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.3.1.1 Ensure 'Accounts: Administrator account status' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.3.1.2 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.3.1.3 (L1) Ensure 'Accounts: Guest account status' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.3.1.6 (L1) Configure 'Accounts: Rename guest account'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
2.3.1.6 Configure 'Accounts: Rename guest account'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.13 Ensure 'sa' Login Account is set to 'Disabled'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	ACCESS CONTROL
2.14 Ensure 'sa' Login Account is set to 'Disabled'	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases - Orphaned Users are Dropped from SQL Server Databases	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	ACCESS CONTROL
3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases - Orphaned Users are Dropped from SQL Server Databases	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	ACCESS CONTROL
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	CIS Oracle Server 18c DB Traditional Auditing v1.1.0	OracleDB	ACCESS CONTROL
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	ACCESS CONTROL
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	ACCESS CONTROL
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	ACCESS CONTROL
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	ACCESS CONTROL
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	ACCESS CONTROL
4.1.4 Ensure that default service accounts are not actively used	CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L1	GCP	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	ACCESS CONTROL
5.3.2 (L1) Ensure 'Access reviews' for Guest Users are configured	CIS Microsoft 365 Foundations v5.0.0 L1 E5	microsoft_azure	ACCESS CONTROL
5.3.3 (L1) Ensure 'Access reviews' for privileged roles are configured	CIS Microsoft 365 Foundations v5.0.0 L1 E5	microsoft_azure	ACCESS CONTROL
5.4.1.4 Ensure inactive password lock is 30 days or less - users	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Red Hat 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Red Hat 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - users	CIS Red Hat 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - users	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.5.1.4 Ensure inactive password lock is 30 days or less - users	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
7.5 Lock Inactive User Accounts - INACTIVE=35	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	ACCESS CONTROL
7.6 Lock Inactive User Accounts	CIS Oracle Solaris 11.4 L1 v1.1.0	Unix	ACCESS CONTROL
7.6 Lock Inactive User Accounts - useradd -D, 35	CIS Solaris 11 L1 v1.1.0	Unix	ACCESS CONTROL
7.9 Lock Inactive User Accounts - Check if definact is set to 35.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
10.5 Lock Inactive User Accounts	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	ACCESS CONTROL
CIS Control 16 (16.8(a)) Disable Any Unassociated Accounts	CAS Implementation Group 1 Audit File	Unix	ACCESS CONTROL
CIS Control 16 (16.8(b)) Disable Any Unassociated Accounts	CAS Implementation Group 1 Audit File	Unix	ACCESS CONTROL
Ensure inactive password lock is 30 days or less	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	ACCESS CONTROL

Detections

Analytics

Item Search