Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.7 Verify Package Integrity Using RPMCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

1.5.3 Ensure prelink is disabledCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.5.4 Ensure prelink is disabledCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

1.5.4 Ensure prelink is disabledCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

2.3.11.11 Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure changes to system administration scope (sudoers) is collectedCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collectedCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/gshadowCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/passwdCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/passwdCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/passwdCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/gshadowCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/shadowCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/shadowCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/shadowCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 64-bitCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 64-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERMCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 32-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 64-bitCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EPERM 32-bitCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EPERM 32-bitCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EPERM 32-bitCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EPERM 64-bitCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoersCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers.dCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - sudoers.dCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator actions (sudolog) are collected - auditctlCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 32-bitCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - modprobeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - rmmodCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

6.5 Ensure Audit Filters Capture Connection Attempts - audit_log_userCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.5 Ensure Audit Filters Capture Connection Attempts - Legacy Audit ModeCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

Ensure AIDE is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY