Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4.2 Configure Password EncryptionCIS Cisco NX-OS v1.2.0 L2Cisco

IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION

1.6.4 Configure NTP AuthenticationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.7.1 Disable Power on Auto Provisioning (POAP)CIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.3 Set SSH Key Modulus LengthCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

1.10 Use Dedicated "mgmt" Interface and VRF for Administrative FunctionsCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

2.7 Ensure internal sources are blocked on external networksCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.1.1.1 Configure EIGRP Authentication on all EIGRP Routing DevicesCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2.1 Ensure VRRP authentication-key is setCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

3.2.2 Ensure authentication-type is set to MD5CIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

4.1.2 Ensure peer authentication is set to IPSEC SACIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

4.1.4 Ensure Bogon Filtering is set (where EBGP is used)CIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

4.3 Configure Alerts on all Configuration ChangesCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT

4.3.2 Ensure OSPF authentication is set to IPSEC SA with SHACIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

4.6.1 Ensure BFD Authentication is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

4.9.1 Ensure Secure Neighbor Discovery is configuredCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

4.12.1 Ensure LLDP is Disabled if not RequiredCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.5 Ensure SNMP Write Access is not setCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.6 Ensure AES128 is set for all SNMPv3 usersCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

5.7 Ensure SHA1 is set for SNMPv3 authenticationCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.1.4 Recommend Accounting of Interactive Commands (where External AAA is used)CIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.2.1 Ensure Archive on CommitCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONTINGENCY PLANNING

6.5.2 Ensure ICMPv6 rate-limit is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

6.6.7 Ensure Remote Login Class for Authorization through External AAA - login classCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.7.3 Ensure NTP Boot-Server is setCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.7.5 Ensure Authentication Keys are used for all NTP ServersCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

6.7.7 Ensure Strong Authentication Methods are used for NTP AuthenticationCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - ciphers restrictionCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - weak ciphersCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - weak key-exchangeCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.12 Ensure Only Suite B Based Key Signing Algorithms are set for SSH - DSA keysCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.2.3 Ensure Web-Management is Set to use PKI Certificate for HTTPSCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.2.7 Ensure Web-Management Interface Restriction is set to OOB ManagementCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

6.10.3.2 Ensure XNM-SSL Connection Limit is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.10.3.3 Ensure XNM-SSL Rate Limit is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.10.5.3 Ensure REST is Set to use PKI Certificate for HTTPSCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.11.3 Ensure Console Port is Set to DisabledCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND INFORMATION INTEGRITY

6.11.4 Ensure Console Port is Set as InsecureCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL

6.12.2 Ensure At Least 2 External SYSLOG Hosts are Set with Any/InfoCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.14 Ensure Configuration File Encryption is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

6.18 Ensure Time-Zone is Set to UTCCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

ALMA-09-028510 - AlmaLinux OS 9 must disable remote management of the chrony daemon.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

CD12-00-002900 - PostgreSQL must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

CIS Amazon Linux Benchmark Level 1CIS Amazon Linux v2.1.0 L1Unix
CIS Control 10 (10.4) Protect BackupsCAS Implementation Group 1 Audit FileUnix

CONTINGENCY PLANNING

CIS_MariaDB_10.6_Benchmark_v1.1.0_L2_Database.audit from CIS MariaDB 10.6 BenchmarkCIS MariaDB 10.6 Database L2 v1.1.0MySQLDB
CIS_NGINX_v2.1.0_Level_1_Webserver.audit from CIS NGINX Benchmark v2.1.0CIS NGINX Benchmark v2.1.0 L1 WebserverUnix
MADB-10-001700 - MariaDB must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY