Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.4 Ensure Passwords are Not Stored in the service fileCIS PostgreSQL 14 OS v 1.3.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Configure TLS authentication for Docker daemon --tlscacertCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlskeyCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1MDM
4.1.9 Avoid non-default bindings to system:unauthenticatedCIS Google Kubernetes Engine GKE v1.9.0 L1 GCPGCP

ACCESS CONTROL

4.3.2.13 Ensure timed is not in useCIS IBM AIX 7 v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

4.5 Use pg_permission extension to audit object permissionsCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

4.7 Ensure the set_user extension is installedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

4.8 Make use of default rolesCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

4.9 Make use of predefined rolesCIS PostgreSQL 13 v1.3.0 L1 Database PostgreSQLDBPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.9 Make use of predefined rolesCIS PostgreSQL 14 DB v 1.3.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.9 Make use of predefined rolesCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All ProjectsCIS Google Cloud Platform Foundation v4.0.0 L2GCP

SYSTEM AND SERVICES ACQUISITION

5.1 Do Not Specify Passwords in the Command LineCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.7 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 15.0 Sequoia v2.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.7 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 26 Tahoe v1.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.7 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 13.0 Ventura v4.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.7 Ensure No World Writable Folders Exist in the Library FolderCIS Apple macOS 14.0 Sonoma v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.3.1 Remove operating system related ESPs - sybsyesp.soCIS Sybase 15.0 L2 OS Unix v1.1.0Unix

CONFIGURATION MANAGEMENT

6.2.3 Ensure That the 'Log_disconnections' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'On'CIS Google Cloud Platform Foundation v4.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

6.3.2.9 Ensure the audit system is configured to take an appropriate action when the internal event queue is fullCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

CONFIGURATION MANAGEMENT

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

CONFIGURATION MANAGEMENT

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

6.10 Ensure Weak SSL/TLS Ciphers Are DisabledCIS PostgreSQL 14 OS v 1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.12 Update the Java Runtime Environment (JRE) regularly if Java is in useCIS Sybase 15.0 L2 OS Unix v1.1.0Unix

CONFIGURATION MANAGEMENT

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW'CIS Solaris 10 L2 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW'CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT'CIS Solaris 10 L2 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure PostgreSQL configuration files are outside the data clusterCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

8.8 Secure the permissions of the SSLconfig.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows
8.8 Secure the permissions of the SSLconfig.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
AIX7-00-003057 - The timed daemon must be disabled on AIX.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

CD12-00-000200 - PostgreSQL must produce audit records containing sufficient information to establish the outcome (success or failure) of the events.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

CD12-00-003200 - The PostgreSQL software installation account must be restricted to authorized users.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

CONFIGURATION MANAGEMENT

CD12-00-004300 - When updates are applied to PostgreSQL software, any software components that have been replaced or made unnecessary must be removed.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

SYSTEM AND INFORMATION INTEGRITY

CD12-00-007400 - PostgreSQL must be configured to provide audit record generation for DoD-defined auditable events within all DBMS/database components.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

EPAS-00-004500 - The EDB Postgres Advanced Server, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

EX16-ED-000760 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-ED-002410 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

O19C-00-019800 - Oracle Database must, for password-based authentication, verify that when users create or update passwords, the passwords are not found on the list of commonly used, expected, or compromised passwords in IA-5 (1) (a).DISA Oracle Database 19c STIG v1r3 OracleDBOracleDB

IDENTIFICATION AND AUTHENTICATION

PGS9-00-003200 - The PostgreSQL software installation account must be restricted to authorized users.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

CONFIGURATION MANAGEMENT

PGS9-00-004300 - When updates are applied to PostgreSQL software, any software components that have been replaced or made unnecessary must be removed.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

PGS9-00-004400 - PostgreSQL must generate audit records when categorized information (e.g., classification levels/security levels) is accessed.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

AUDIT AND ACCOUNTABILITY

PGS9-00-005200 - PostgreSQL must generate audit records when security objects are deleted.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

AUDIT AND ACCOUNTABILITY

PGS9-00-006100 - PostgreSQL must generate audit records when privileges/permissions are deleted.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

AUDIT AND ACCOUNTABILITY