Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.6.3 Ensure Exec Timeout for Console Sessions is setCIS Cisco IOS XR 7.x v1.0.0 L1Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

1.20 Ensure IAM users are managed centrally via identity federation or AWS Organizations for multi-account environmentsCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

ACCESS CONTROL

2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.2.1.1 Ensure Set Time and Date Automatically Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.6 Ensure Relational Database Service Instances have Auto Minor Version Upgrade EnabledCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure RDS event subscriptions are enabled for Instance level eventsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

5.1.5 Ensure No World Writable Folders Exist in the System FolderCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure routing tables for VPC peering are "least access"CIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.34 Ensure RDS Database is configured to use the Data Tier Security GroupCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

ACCESS CONTROL

Default Authentication RealmTenable Cisco ACICisco_ACI

ACCESS CONTROL

DNS Profile - Address - DNS Server 1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

DNS Profile - Address - DNS Server 2Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Enforce Password Change IntervalTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

EX13-MB-000270 - The Exchange Global Recipient Count Limit must be set.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-MB-000540 - The Exchange Global Recipient Count Limit must be set.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX19-MB-000142 - The Exchange Global Recipient Count Limit must be set.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND INFORMATION INTEGRITY

First Hop Security - Router Advertisement Guard - Admin StatusTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

First Hop Security - Source Guard - Admin StatusTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Include Login in Session RecordsTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Include Logout in Session RecordsTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Include Refresh in Session RecordsTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

JUEX-L2-000170 - If STP is used, the Juniper EX switch must be configured to implement Rapid STP, or Multiple STP, where VLANs span multiple switches with redundant links.DISA Juniper EX Series Layer 2 Switch v2r2Juniper

CONFIGURATION MANAGEMENT

Keychain Policy - Key Policy - EndtimeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Management Access Policy - HTTP - Admin StateTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Management Access Policy - HTTPS - Cipher ConfigurationTenable Cisco ACICisco_ACI
Management Access Policy - HTTPS - SSL Protocols - TLSv1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Management Access Policy - HTTPS - SSL Protocols - TLSv1.1Tenable Cisco ACICisco_ACI

SYSTEM AND COMMUNICATIONS PROTECTION

Management Access Policy - SSH Access Via Web - Admin StateTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Management Access Policy - Telnet - Admin StateTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Minimum period between password changes (hours)Tenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Number of changes allowed within the change interval (changes)Tenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Number of recent user passwords to storeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Change Interval (hours)Tenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Strength Check - EnabledTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Strength Check - Password Minimum LengthTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Strength Check - Password Strength Test TypeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Policies - Pod - Date and Time Policy - Administrative StateTenable Cisco ACICisco_ACI
Policies - Pod - Date and Time Policy - HostTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Remote user login policyTenable Cisco ACICisco_ACI

ACCESS CONTROL

SNMP Destination - Community NameTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

SNMP Destination - HostTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

SNMP Destination - v3 Security levelTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

SOL-11.1-070190 - All valid SUID/SGID files must be documented.DISA STIG Solaris 11 X86 v3r1Unix

CONFIGURATION MANAGEMENT

Syslog - Admin StateTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Syslog - Local File Destination - Admin StateTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Syslog - Local File Destination - SeverityTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Syslog - Show MilliSeconds in TimestampTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

System Alias and Banners - Switch CLI BannerTenable Cisco ACICisco_ACI

ACCESS CONTROL

Web Token Timeout (s)Tenable Cisco ACICisco_ACI

ACCESS CONTROL