Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.5 (L1) Ensure 'Locked' is set to 'Enabled'CIS Mozilla Firefox ESR GPO v1.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

1.2.9 Ensure that the APIPriorityAndFairness feature gate is enabledCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.5 Ensure that the --bind-address argument is set to 127.0.0.1CIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1CIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.5 Set the ACL for each 'snmp-server community'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.7 Set 'snmp-server host' when using SNMPCIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.8 Set 'snmp-server enable traps snmp'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3CIS Cisco IOS 15 L2 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.1 Enabling Post-Quantum (PQ) on IKEv2 VPNsCIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.1.4 Set 'seconds' for 'ip ssh timeout'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.1.5 Set maximimum value for 'ip ssh authentication-retries'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.2 Set version 2 for 'ip ssh version'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.2 Set 'no cdp run'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.3 Set 'no ip bootp server'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Set 'no service dhcp'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Set 'no service dhcp' - dhcp poolCIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.5 Set 'no ip identd'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.6 Set 'service tcp-keepalives-in'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.8 Set 'no service pad'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure network traffic is restricted between containers on the default bridgeCIS Docker v1.7.0 L1 Docker - LinuxUnix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.4 Ensure that the --read-only-port is disabledCIS Google Kubernetes Engine (GKE) v1.7.0 L1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure that the --streaming-connection-idle-timeout argument is not set to 0CIS Google Kubernetes Engine (GKE) v1.7.0 L1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

3.17 (L1) Host must automatically terminate idle host client sessionsCIS VMware ESXi 8.0 v1.1.0 L1VMware

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure that the kube-proxy metrics service is bound to localhostCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.7 Ensure HTTP Request Methods Are RestrictedCIS Apache HTTP Server 2.4 v2.2.0 L1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.9 Ensure Old HTTP Protocol Versions Are DisallowedCIS Apache HTTP Server 2.4 v2.2.0 L1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure that MongoDB uses a non-default portCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.5.4 (L1) Ensure SMTP AUTH is disabledCIS Microsoft 365 Foundations v4.0.0 L1 E3microsoft_azure

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.5.4 (L1) Ensure SMTP AUTH is disabledCIS Microsoft 365 Foundations v4.0.0 L1 E5microsoft_azure

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

9.3 Ensure 'safkeyringhw:' is set to use a hardware crypto cardCIS IBM WebSphere Liberty v1.0.0 L2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.1.2 Ensure 'SMB protocol version' is set to 'SMB 3.1.1' or higher for SMB file sharesCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 10 L2 v1.1.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 10.1 v1.1.0 L2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 11 v1.0.0 L2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION