Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 Ensure 'Domain Name' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.2.1 Ensure 'Domain Name' is setCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.7 Set 'Maximum number of recipients - organization level' to '5000'CIS Microsoft Exchange Server 2013 Hub v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.9 (L1) Ensure that DKIM is enabled for all Exchange Online DomainsCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Set 'Mailbox quotas: Prohibit send and receive at' to '2411520'CIS Microsoft Exchange Server 2013 Mailbox v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Set 'Mailbox quotas: Prohibit send and receive at' to '2411520'CIS Microsoft Exchange Server 2016 Mailbox v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure that the LDAP connection uses TLSCIS IBM WebSphere Liberty v1.0.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Set 'Mailbox quotas: Prohibit send at' to '2097152'CIS Microsoft Exchange Server 2013 Mailbox v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Set 'Keep deleted mailboxes for the specified number of days' to '30'CIS Microsoft Exchange Server 2013 Mailbox v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.5 Set 'Do not permanently delete items until the database has been backed up' to 'True'CIS Microsoft Exchange Server 2013 Mailbox v1.1.0Windows

CONTINGENCY PLANNING

2.5.1.2.2 Ensure 'Do not allow users to change permissions on folders' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.8 Set 'Password Expiration' to '90' or lessCIS Microsoft Exchange Server 2016 CAS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.12 Set 'Configure dial plan security' to 'Secured'CIS Microsoft Exchange Server 2016 UM v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.16 Set 'Require encryption on device' to 'True'CIS Microsoft Exchange Server 2013 CAS v1.1.0Windows

ACCESS CONTROL

2.17 Set 'Time without user input before password must be re-entered' to '15'CIS Microsoft Exchange Server 2016 CAS v1.0.0Windows

ACCESS CONTROL

2.20 Set 'Number of attempts allowed' to '10'CIS Microsoft Exchange Server 2016 CAS v1.0.0Windows

ACCESS CONTROL

3.5 Set 'Enable automatic replies to remote domains' to 'False'CIS Microsoft Exchange Server 2013 Hub v1.1.0Windows

CONFIGURATION MANAGEMENT

3.5 Set 'Enable automatic replies to remote domains' to 'False'CIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

CONFIGURATION MANAGEMENT

3.7 Set 'Enable non-delivery reports to remote domains' to 'False'CIS Microsoft Exchange Server 2013 Hub v1.1.0Windows

CONFIGURATION MANAGEMENT

3.7 Set 'Enable non-delivery reports to remote domains' to 'False'CIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

CONFIGURATION MANAGEMENT

3.8 Set 'Enable OOF messages to remote domains' to 'None'CIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

CONFIGURATION MANAGEMENT

3.9 Set 'Enable automatic forwards to remote domains' to 'False'CIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

CONFIGURATION MANAGEMENT

3.11 Set mailbox 'Turn on Administrator Audit Logging' to 'True'CIS Microsoft Exchange Server 2016 UM v1.0.0Windows

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris AuditingCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure journald log rotation is configured per site policyCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.5 Configure rsyslog to Send Logs to a Remote Log Host - *.* @@loghost.example.comCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.3.3 (L1) Ensure 'Access reviews' for privileged roles are configuredCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL

8.3.4 (L1) Ensure standard processes are used for VM deploymentCIS VMware ESXi 7.0 v1.5.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

Android Work Profile Device Configuration - Add and remove accountsTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Android Work Profile Device Configuration - Contact sharing via BluetoothTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Android Work Profile Device Configuration - Default app permissionsTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL

Android Work Profile Device Configuration - Require Work Profile PasswordTenable Best Practices for Microsoft Intune Android v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

CISC-RT-000530 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes belonging to the IP core.DISA Cisco NX OS Switch RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-001190 - Docker Enterprise sensitive host system directories must not be mounted on containers.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

ACCESS CONTROL

DKER-EE-001940 - SELinux security options must be set on Red Hat or CentOS systems for Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-003310 - The Docker Enterprise max-size and max-file json-file drivers logging options in the daemon.json configuration file must be configured to allocate audit record storage capacity for Universal Control Plane (UCP) and Docker Trusted Registry (DTR) per the requirements set forth by the System Security Plan (SSP) - max-fileDISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

AUDIT AND ACCOUNTABILITY

Enable IKE Version 1/2 - cipher-suiteTenable Cisco Viptela SD-WAN - vEdgeCisco_Viptela

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-CA-000015 - Exchange must have Forms-based Authentication disabled.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

ACCESS CONTROL

EX13-CA-000100 - Exchange POP3 service must be disabled.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

CONFIGURATION MANAGEMENT

EX13-CA-000150 - Exchange OWA must use https - ExternalDISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000075 - Exchange must protect audit data against unauthorized deletion.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

AUDIT AND ACCOUNTABILITY

EX13-MB-000195 - Exchange Send connectors must be clearly named.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000215 - The Exchange global inbound message size must be controlled.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-MB-000190 - The Exchange Post Office Protocol 3 (POP3) service must be disabled.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

CONFIGURATION MANAGEMENT

EX16-MB-002930 - Exchange must have authenticated access set to Integrated Windows Authentication only.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

ACCESS CONTROL

EX19-MB-000020 - Exchange must have authenticated access set to integrated Windows authentication only.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

ACCESS CONTROL

MADB-10-003750 - If MariaDB authentication using passwords is employed, MariaDB must enforce the DOD standards for password lifetime.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION