Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.5.2 Ensure nodev option set on /var/tmp partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.5.3 Ensure nosuid option set on /var/tmp partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.7.2 Ensure nodev option set on /var/log/audit partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.2.5 Ensure updates, patches, and additional security software are installedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4.1.7 Ensure the MCS Translation Service (mcstrans) is not installedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.5.5 Ensure kernel.dmesg_restrict is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.9 Ensure systemd-coredump ProcessSizeMax is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.13.2.1.4 Ensure 'Promote Level 2 errors as errors, not warnings' is set to DisabledCIS Microsoft Office Outlook 2013 v1.1.0 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

2.1.3 Ensure chrony is not run as the root userCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

2.2.4 Ensure dns server services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.7 Ensure ftp server services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.13 Ensure rsync services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.15 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.18 Ensure web server services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.22 Ensure only approved services are listening on a network interfaceCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.1.3 Ensure bluetooth services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.5 Ensure net.ipv4.conf.default.send_redirects is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.7 Ensure net.ipv4.icmp_echo_ignore_broadcasts is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.9 Ensure net.ipv4.conf.default.accept_redirects is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.14 Ensure net.ipv4.conf.all.accept_source_route is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.15 Ensure net.ipv4.conf.default.accept_source_route is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.6 Ensure net.ipv6.conf.default.accept_source_route is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

5.2.12 Ensure sshd KexAlgorithms is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.15 Ensure sshd MACs are configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.17 Ensure sshd MaxSessions is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.2.22 Ensure sshd UsePAM is enabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.4.2.1.1 Ensure pam_faillock module is enabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.4.2.1.2 Ensure password failed attempts lockout is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.4.2.3.1 Ensure pam_pwhistory module is enabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.5.2.2 Ensure root is the only GID 0 accountCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION

5.5.2.4 Ensure root account access is controlledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.5.2.8 Ensure accounts without a valid login shell are lockedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.5.3.2 Ensure default user shell timeout is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

6.1.2.6 Ensure rsyslog is not configured to receive logs from a remote clientCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit toolsCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

7.1.4 Ensure access to /etc/group- is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.6 Ensure access to /etc/shadow- is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.12 Ensure no files or directories without an owner and a group existCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

18.9.26.1 (L1) Ensure 'Allow Custom SSPs and APs to be loaded into LSASS' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.27.1 Ensure 'Allow Custom SSPs and APs to be loaded into LSASS' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.18.2 (L1) Ensure 'Enable App Installer Experimental Features' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.18.5 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.18.5 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.10.18.5 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.57.3.3.7 (L2) Ensure 'Do not allow WebAuthn redirection' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

18.10.57.3.3.7 (L2) Ensure 'Do not allow WebAuthn redirection' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.57.3.3.7 (L2) Ensure 'Do not allow WebAuthn redirection' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.57.3.3.7 Ensure 'Do not allow WebAuthn redirection' is set to 'Enabled'CIS Microsoft Windows Server 2025 v2.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT