Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.23 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - kubelet-client-keyCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.29 Ensure that the --client-ca-file argument is set as appropriateCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.29 Ensure that the --client-ca-file argument is set as appropriateCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.2.30 Ensure that the --etcd-cafile argument is set as appropriateCIS Red Hat OpenShift Container Platform v1.7.0 L1OpenShift

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.3 Ensure remote logging is configured for ESXi hostsCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

AUDIT AND ACCOUNTABILITY

3.124 - Audit of Backup and Restore Privileges is not turned off.DISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.8 Secure Permissions for the Log Mirror Location (MIRRORLOGPATH)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure Image Vulnerability Scanning is enabledCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

RISK ASSESSMENT

5.1.4 Ensure only trusted container images are usedCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

CONFIGURATION MANAGEMENT

5.4.4 Ensure clusters are created with Private NodesCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.5.7 Ensure Secure Boot for Shielded GKE Nodes is EnabledCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

RISK ASSESSMENT

5.6.3 Ensure Control Plane Authorized Networks is EnabledCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

5.8.2 Manage Kubernetes RBAC users with Google Groups for GKECIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

9.1.6 Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes' - YesCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.7 Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.7 Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes' - YesCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.8 Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.6 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes' - YesCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.9 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.57.1 (L1) Ensure 'Prevent downloading of enclosures' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.1 (L1) Ensure 'Prevent downloading of enclosures' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.58.1 (L1) Ensure 'Prevent downloading of enclosures' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server v1909 MS v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server 2022 v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows 11 v22H2 v1.0.0Windows

ACCESS CONTROL

Firewall Filter - Rate-limit authorized protocols using policersJuniper Hardening JunOS 12 Devices ChecklistJuniper

SYSTEM AND COMMUNICATIONS PROTECTION

SQL6-D0-008300 - Confidentiality of information during transmission is controlled through the use of an approved TLS version.DISA STIG SQL Server 2016 Instance OS Audit v3r4Windows

IDENTIFICATION AND AUTHENTICATION

WN19-00-000400 - Windows Server 2019 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT