Item Search

Name	Audit Name	Plugin	Category
2.2.4 Set IP address for 'logging host'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	AUDIT AND ACCOUNTABILITY
2.8 Do not bind Docker to another IP/Port or a Unix socket	CIS Docker 1.6 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed events across all audit classes'	CIS Apple macOS 10.13 L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file deletion events'	CIS Apple macOS 10.13 L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed login/logout events'	CIS Apple macOS 10.13 L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.4 Ensure Auto-Scaling Launch Configuration for App-Tier is configured to use an approved Amazon Machine Image	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	CONFIGURATION MANAGEMENT
4.7 Ensure the set_user extension is installed	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	ACCESS CONTROL
4.7 Ensure the set_user extension is installed	CIS PostgreSQL 11 DB v1.0.0	PostgreSQLDB	ACCESS CONTROL
4.7 Make use of predefined roles	CIS PostgreSQL 16 DB v1.0.0	PostgreSQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
4.9 Make use of predefined roles	CIS PostgreSQL 13 DB v1.2.0	PostgreSQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.2 Ensure PostgreSQL is Bound to an IP Address	CIS PostgreSQL 14 DB v 1.2.0	PostgreSQLDB	PLANNING, SYSTEM AND SERVICES ACQUISITION
5.3 Ensure the Sudo Timeout Period Is Set to Zero	CIS Apple macOS 11.0 Big Sur v4.0.0 L1	Unix	ACCESS CONTROL
5.3 Ensure the Sudo Timeout Period Is Set to Zero - permissions	CIS Apple macOS 10.15 Catalina v3.0.0 L1	Unix	ACCESS CONTROL
5.3 Ensure the Sudo Timeout Period Is Set to Zero - timestamp timeout	CIS Apple macOS 10.15 Catalina v3.0.0 L1	Unix	ACCESS CONTROL
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used	CIS PostgreSQL 14 OS v 1.2.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.10 Ensure Weak SSL/TLS Ciphers Are Disabled	CIS PostgreSQL 14 OS v 1.2.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.1.2 Remove OS Information from Login Warning Banners - /etc/issue	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	CONFIGURATION MANAGEMENT
8.1.2 Remove OS Information from Login Warning Banners - /etc/issue.net	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	CONFIGURATION MANAGEMENT
8.1.2 Remove OS Information from Login Warning Banners - /etc/motd	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	CONFIGURATION MANAGEMENT
8.7 Secure the permissions of the IBMLDAPSecurity.ini file	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux	Unix
8.7 Secure the permissions of the IBMLDAPSecurity.ini file	CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows	Windows
9.6 Configure 'Do not display the reveal password button'	CIS IE 10 v1.1.0	Windows	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
9.6 Ensure root PATH Integrity, No Group/World-Writable Directory In root's $PATH	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
9.6 Ensure Timeout Limits for the Request Body Are Set Properly - mod_reqtimeout	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	CONFIGURATION MANAGEMENT
9.6 Ensure Timeout Limits for the Request Body Are Set Properly - RequestReadTimeout	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	CONFIGURATION MANAGEMENT
9.7 Secure the permission of the SSLconfig.ini file	CIS IBM DB2 v10 v1.1.0 Windows OS Level 2	Windows
9.7 Secure the permission of the SSLconfig.ini file	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix
9.7 Secure the permission of the SSLconfig.ini file	CIS IBM DB2 v10 v1.1.0 Windows OS Level 1	Windows
9.7 Secure the permission of the SSLconfig.ini file	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2	Unix
11.2 Remove OS Information from Login Warning Banners - /etc/issue	CIS Debian Linux 7 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
11.2 Remove OS Information from Login Warning Banners - /etc/issue	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
11.2 Remove OS Information from Login Warning Banners - /etc/issue.net	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
11.2 Remove OS Information from Login Warning Banners - /etc/issue.net	CIS Debian Linux 7 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
11.2 Remove OS Information from Login Warning Banners - /etc/motd	CIS Debian Linux 7 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
11.2 Remove OS Information from Login Warning Banners - /etc/motd	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
CD12-00-005100 - PostgreSQL must generate audit records when successful logons or connections occur.	DISA STIG Crunchy Data PostgreSQL DB v3r1	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
CD12-00-005200 - PostgreSQL must generate audit records when security objects are deleted.	DISA STIG Crunchy Data PostgreSQL DB v3r1	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
CD12-00-009600 - PostgreSQL must enforce access restrictions associated with changes to the configuration of PostgreSQL or database(s).	DISA STIG Crunchy Data PostgreSQL OS v3r1	Unix	CONFIGURATION MANAGEMENT
CD12-00-009700 - PostgreSQL must protect against a user falsely repudiating having performed organization-defined actions.	DISA STIG Crunchy Data PostgreSQL DB v3r1	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
EPAS-00-004500 - The EDB Postgres Advanced Server, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation.	EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1	Unix	IDENTIFICATION AND AUTHENTICATION
EX16-ED-002410 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.	DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5	Windows	SYSTEM AND INFORMATION INTEGRITY
OL08-00-030700 - OL 8 must take appropriate action when the internal event queue is full.	DISA Oracle Linux 8 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
OL08-00-030710 - OL 8 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited.	DISA Oracle Linux 8 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
PGS9-00-009700 - PostgreSQL must protect against a user falsely repudiating having performed organization-defined actions.	DISA STIG PostgreSQL 9.x on RHEL DB v2r5	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
PGS9-00-011400 - PostgreSQL must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values.	DISA STIG PostgreSQL 9.x on RHEL DB v2r5	PostgreSQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
PPS9-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords.	EDB PostgreSQL Advanced Server OS Linux Audit v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.	DISA Red Hat Enterprise Linux 8 STIG v2r3	Unix	AUDIT AND ACCOUNTABILITY
RHEL-08-030710 - RHEL 8 must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited.	DISA Red Hat Enterprise Linux 8 STIG v2r3	Unix	AUDIT AND ACCOUNTABILITY
TCAT-AS-000630 - TLS must be enabled on JMX.	DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search