Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.3.1 Ensure separate partition exists for /homeCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.6.1 Ensure separate partition exists for /var/logCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

1.4 SNMP Security - c) SNMP Security Protection FunctionTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.4.1.5 Ensure the SELinux mode is enforcingCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.20 Ensure X window server services are not in useCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

3.1.4.5 NFS - no root access via NFS exportsCIS IBM AIX 7.1 L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

3.12 Verify that Docker server certificate file permissions are set to 444 or more restrictiveCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.1.3 Ensure network interface zone is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.4 Ensure firewalld active zone target is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.5 Ensure firewalld loopback traffic is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.6 Ensure firewalld loopback source address traffic is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.8 Configure firewall to drop all trafficCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.8 Ensure sshd DisableForwarding is enabledCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

5.2.9 Ensure sshd GSSAPIAuthentication is disabledCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.4.2.1.4 Ensure password failed attempts lockout includes root accountCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL

5.5.3.1 Ensure nologin is not listed in /etc/shellsCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

6.2.1.1 Ensure auditd packages are installedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.1.4 Ensure auditd service is enabled and activeCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.2 Ensure audit logs are not automatically deletedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.3 Ensure events that modify the sudo log file are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.4 Ensure events that modify date and time information are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.2.3.10 Ensure successful file system mounts are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.11 Ensure session initiation information is collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.3.21 Ensure the audit configuration is immutableCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.22 Ensure the running and on disk configuration is the sameCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.4.2 Ensure audit log files mode is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.4 Ensure audit log files group owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.7 Ensure audit configuration files group owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.8 Ensure audit tools mode is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.2.4.9 Ensure audit tools owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.10 Ensure audit tools group owner is configuredCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2019 v1.5.2 L1 Database EngineMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2025 v1.0.0 L1 AWS RDS MS_SQLDBMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDBMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.8.52.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

CONFIGURATION MANAGEMENT

18.8.52.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2Windows

CONFIGURATION MANAGEMENT

Excel 2 worksheetsMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMicrosoft 365 Apps for Enterprise 2306 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMSCT Office 2016 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMSCT M365 Apps for enterprise 2312 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

ACCESS CONTROL