Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 Ensure 'Domain Name' is setCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3 Disable all management related services on WAN portCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

2.5.1.2.2 Ensure 'Do not allow users to change permissions on folders' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.5 Configure Solaris Auditing - active audit policies = argv,cnt,zonenameCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - active non-attributable flags = loCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - active non-attributable flags = loCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ftCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit condition = auditingCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_binfile (active)CIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1;CIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1;CIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:noCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:noCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonenameCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonenameCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - configured non-attributable flags = loCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ftCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ftCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - var/audit/*.not_terminated.*CIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - var/audit/*.not_terminated.*CIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False'CIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

AUDIT AND ACCOUNTABILITY

6.5.2 (L1) Ensure MailTips are enabled for end usersCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

CONFIGURATION MANAGEMENT

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

Android Work Profile Device Configuration - Screen captureTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

APPL-14-005020 The macOS system must enforce FileVault.DISA Apple macOS 14 (Sonoma) STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

APPL-15-005020 - The macOS system must enforce FileVault.DISA Apple macOS 15 (Sequoia) STIG v1r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000180 - The Cisco ASA must be configured to specify Perfect Forward Secrecy (PFS) for the IPsec Security Association (SA) during IKE Phase 2 negotiation.DISA STIG Cisco ASA VPN v2r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CIS_Palo_Alto_Firewall_8_Benchmark_L1_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto
DKER-EE-003310 - The Docker Enterprise max-size and max-file json-file drivers logging options in the daemon.json configuration file must be configured to allocate audit record storage capacity for Universal Control Plane (UCP) and Docker Trusted Registry (DTR) per the requirements set forth by the System Security Plan (SSP) - max-sizeDISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

AUDIT AND ACCOUNTABILITY

EX13-CA-000015 - Exchange must have Forms-based Authentication disabled.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

ACCESS CONTROL

EX13-CA-000105 - Exchange must have the Public Folder virtual directory removed if not in use by the site.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

CONFIGURATION MANAGEMENT

EX13-CA-000125 - Exchange software must be monitored for unauthorized changes.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

CONFIGURATION MANAGEMENT

EX13-CA-000150 - Exchange OWA must use https - ExternalDISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-CA-000155 - Exchange OWA must have S/MIME Certificates enabled.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000060 - Exchange must protect audit data against unauthorized read access.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

AUDIT AND ACCOUNTABILITY

EX13-MB-000070 - Exchange must protect audit data against unauthorized access.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

AUDIT AND ACCOUNTABILITY

EX13-MB-000110 - Exchange internal Receive connectors must require encryption.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000220 - The Exchange global outbound message size must be controlled.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000270 - The Exchange Global Recipient Count Limit must be set.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND INFORMATION INTEGRITY

EX13-MB-000290 - An Exchange software baseline copy must exist.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

CONFIGURATION MANAGEMENT

EX16-MB-000220 - Exchange internal Receive connectors must require encryption.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-MB-000008 - Exchange must have forms-based authentication enabled.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

ACCESS CONTROL

SPLK-CL-000170 - Splunk Enterprise must use TCP for data transmission.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

CONFIGURATION MANAGEMENT

SPLK-CL-000270 - Splunk Enterprise must use TCP for data transmission.DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST APISplunk

CONFIGURATION MANAGEMENT

VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN11-UR-000085 - The 'Deny log on locally' user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems.DISA Microsoft Windows 11 STIG v2r3Windows

ACCESS CONTROL