Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.4 Configure TCP Wrappers - enable tcp_wrappers for inetdCIS Solaris 10 L1 v5.2Unix
2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

2.17 Set 'Support the following message formats:' to 'Enabled:S/MIME and Fortezza'CIS MS Office Outlook 2010 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Enable Auditing of Incoming Network ConnectionsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification EventsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlogCIS Solaris 10 L1 v5.2Unix
4.4 Enable Auditing of Process and Privilege EventsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing - Check audit policies is set to arge,argv,cntCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'minfree:20' is set in /etc/security/audit_control.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'naflags:lo,ad,ex' is set in /etc/security/audit_control.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.9 Enable Kernel Level Auditing, Check if 'root:lo,ad:no' is set in /etc/security/audit_user.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

6.1.1 Configure SSH - Check if Host * is set in /etc/ssh/ssh_config.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1CIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.8 Disable Host-based Authentication for Login-based Services - rsh auth sufficient pam_rhosts_auth.so.1CIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.8 Disable Host-based Authentication for Login-based Services - rsh auth sufficient pam_rhosts_auth.so.1CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

7.2 Set Password Expiration Parameters on Active Accounts - Check MINWEEKS is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Password Expiration Parameters on Active Accounts - Check WARNWEEKS is set to 4CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/wordsCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check PASSLENGTH is set to 8CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - WHITESPACE is set to YESCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.8 Set 'mesg n' as Default for All Users in /etc/.loginCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

7.9 Lock Inactive User Accounts - Check if definact is set to 35.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if file permissions for files under /etc/dt/config/*/Xresources are OK.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.18.7 Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows Server 2025 v2.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.18.7 Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows Server 2022 v5.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows Server 2022 v5.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows Server 2025 v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

CONFIGURATION MANAGEMENT

18.11.1 Ensure 'Disable HTTP proxy features: Disable WPAD' is set to 'Enabled: Checked'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

CONFIGURATION MANAGEMENT