Item Search

Name	Audit Name	Plugin	Category
1.6.3 Ensure Exec Timeout for Console Sessions is set	CIS Cisco IOS XR 7.x v1.0.0 L1	Cisco	CONFIGURATION MANAGEMENT, MAINTENANCE
1.10 Ensure Web Tier ELB have the latest SSL Security Policies configured	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	SYSTEM AND COMMUNICATIONS PROTECTION
1.13 Ensure App Tier ELB have the latest SSL Security Policies configured	CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0	amazon_aws	SYSTEM AND COMMUNICATIONS PROTECTION
2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.2.2 Ensure the Auto Minor Version Upgrade feature is enabled for RDS instances	CIS Amazon Web Services Foundations v5.0.0 L1	amazon_aws	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
2.7.1 iCloud configuration	CIS Apple OSX 10.11 El Capitan L2 v1.1.0	Unix
2.13 Ensure the 'sa' Login Account is set to 'Disabled'	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
2.13 Ensure the 'sa' Login Account is set to 'Disabled'	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
2.14 Ensure the 'sa' Login Account has been renamed	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL, MEDIA PROTECTION
3.4 Ensure that server access logging is enabled on the CloudTrail S3 bucket	CIS Amazon Web Services Foundations v5.0.0 L1	amazon_aws	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
3.6 Ensure rotation for customer-created symmetric CMKs is enabled	CIS Amazon Web Services Foundations v5.0.0 L2	amazon_aws	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.7 Ensure Relational Database Service backup retention policy is set	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	CONTINGENCY PLANNING
3.7 Ensure VPC flow logging is enabled in all VPCs	CIS Amazon Web Services Foundations v5.0.0 L2	amazon_aws	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
4.4 Ensure IAM policy changes are monitored	CIS Amazon Web Services Foundations v5.0.0 L1	amazon_aws	AUDIT AND ACCOUNTABILITY
4.4 Ensure RDS event subscriptions are enabled for DB security groups	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	AUDIT AND ACCOUNTABILITY
5.1.5 Ensure No World Writable Files Exist in the System Folder	CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.5 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.5 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.6 Ensure No World Writable Files Exist in the System Folder	CIS Apple macOS 12.0 Monterey v4.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.6 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 13.0 Ventura v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.6 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 14.0 Sonoma v2.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.6 Ensure No World Writable Folders Exist in the System Folder	CIS Apple macOS 15.0 Sequoia v1.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.3 Ensure no security groups allow ingress from 0.0.0.0/0 to remote server administration ports	CIS Amazon Web Services Foundations v5.0.0 L1	amazon_aws	SYSTEM AND COMMUNICATIONS PROTECTION
6.16 Ensure Routing Table associated with Data tier subnet have NO default route (0.0.0.0/0) defined to allow connectivity	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	SYSTEM AND COMMUNICATIONS PROTECTION
FireEye - Local logging retention configuration	TNS FireEye	FireEye	AUDIT AND ACCOUNTABILITY
Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - ISIS	Juniper Hardening JunOS 12 Devices Checklist	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - RIP	Juniper Hardening JunOS 12 Devices Checklist	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
SOL-11.1-070100 - Duplicate User IDs (UIDs) must not exist for users within the organization.	DISA STIG Solaris 11 SPARC v3r1	Unix	IDENTIFICATION AND AUTHENTICATION
SOL-11.1-070140 - Duplicate user names must not exist.	DISA STIG Solaris 11 SPARC v3r1	Unix	CONFIGURATION MANAGEMENT
SOL-11.1-070140 - Duplicate user names must not exist.	DISA STIG Solaris 11 X86 v3r1	Unix	CONFIGURATION MANAGEMENT
SOL-11.1-070150 - Duplicate group names must not exist.	DISA STIG Solaris 11 X86 v3r1	Unix	CONFIGURATION MANAGEMENT
SOL-11.1-070190 - All valid SUID/SGID files must be documented.	DISA STIG Solaris 11 X86 v3r1	Unix	CONFIGURATION MANAGEMENT
SOL-11.1-070210 - The operating system must have no files with extended attributes.	DISA STIG Solaris 11 X86 v3r1	Unix	CONFIGURATION MANAGEMENT
SOL-11.1-070210 - The operating system must have no files with extended attributes.	DISA STIG Solaris 11 SPARC v3r1	Unix	CONFIGURATION MANAGEMENT
SQL2-00-010400 - SQL Server auditing configuration maximum file size must be configured to reduce the likelihood of storage capacity being exceeded, while meeting organization-defined auditing requirements - 'max_files'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	AUDIT AND ACCOUNTABILITY
System Alias and Banners - Controller CLI Banner	Tenable Cisco ACI	Cisco_ACI	ACCESS CONTROL
Web Session Idle Timeout (s)	Tenable Cisco ACI	Cisco_ACI	ACCESS CONTROL

Detections

Analytics

Item Search