Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.1 Ensure nftables is installedCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1 Ensure ufw is installedCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.2 Ensure a single firewall configuration utility is in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3 Ensure ufw service is enabledCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3 Ensure ufw service is enabledCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3 Ensure ufw service is enabledCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.4 Ensure ufw loopback traffic is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.5 Ensure Ingress Filtering is set for EBGP peersCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.7 Ensure ufw default deny firewall policyCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld drops unnecessary services and portsCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld drops unnecessary services and portsCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure firewalld loopback traffic is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure firewalld loopback traffic is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure iptables are flushed with nftablesCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure iptables are flushed with nftablesCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure ufw service is enabledCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure ufw service is enabledCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.5 Ensure nftables base chains existCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.7 Ensure nftables outbound and established connections are configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.7 Ensure ufw default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.7 Ensure ufw default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure nftables base chains existCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure nftables base chains existCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1.3 Ensure ufw is uninstalled or disabled with iptablesCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2 Ensure nftables established connections are configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2 Ensure nftables established connections are configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.2 Ensure iptables loopback traffic is configuredCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.3 Ensure iptables outbound and established connections are configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure iptables are flushed with nftablesCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure nftables default deny firewall policyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3.2 Ensure ip6tables loopback traffic is configuredCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.4 Ensure a nftables table existsCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.4 Ensure nftables loopback traffic is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.7 Ensure nftables outbound and established connections are configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.9 Ensure nftables service is enabledCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.1.3 Ensure ufw is not in use with iptablesCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.1 Ensure iptables default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.3 Ensure iptables outbound and established connections are configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.2 Ensure ip6tables loopback traffic is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.3 Ensure ip6tables outbound and established connections are configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.6.1 Create administrative boundaries between resources using namespacesCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

SYSTEM AND COMMUNICATIONS PROTECTION

5.7.1 Create administrative boundaries between resources using namespacesCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.2.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.10.2 Ensure that Alpha clusters are not used for production workloadsCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

SYSTEM AND COMMUNICATIONS PROTECTION

5.10.3 Consider GKE Sandbox for running untrusted workloadsCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 (L1) Ensure the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 7.0 v1.5.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 6.5 v1.0.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 (L1) Ensure the vSwitch Promiscuous Mode policy is set to rejectCIS VMware ESXi 7.0 v1.5.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.21.2 (L1) Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION