Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.5 Ensure proper SNMP configuration - 'community name private does not exist'CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure Sever Header is Modified To Prevent Information DisclosureCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

4.2 Ensure Weak Protocols are DisabledCIS MongoDB 5 L1 OS Linux v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Verify Active Directory group membership for the 'ESX Admins' groupCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

4.5 Restrict access to Tomcat temp directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.10 Restrict access to Tomcat context.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.10 Verify contents of exposed configuration filesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3 Mask and zone SAN resources appropriatelyCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
6.5 Ensure 'sslProtocol' is Configured Correctly for Secure ConnectorsCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.16 Ensure that a Zone Protection Profile with tuned Flood Protection settings enabled for all flood types is attached to all untrusted zonesCIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zoneCIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.1 Ensure appropriate key file permissions are set - CAFileCIS MongoDB 5 L1 OS Linux v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.5 Ensure pattern in context.xml is correctCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

8.2.1 Disconnect unauthorized devices - Floppy DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

MEDIA PROTECTION

8.3.2 Minimize use of the VM consoleCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
8.4.2 Control VMsafe Agent AddressCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND INFORMATION INTEGRITY

8.4.3 Control VMsafe Agent PortCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND INFORMATION INTEGRITY

8.4.14 Disable Shell ActionCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.18 Disable UnityCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.6.3 Disable virtual disk wipingCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.4 Force SSL when accessing the manager application via HTTPCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.5 Rename the manager application - webapps/managerCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.6 Enable strict servlet ComplianceCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

10.8 Do not allow additional path delimiters - ALLOW_BACKSLASHCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.11 Force SSL for all applicationsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.13 Do not run applications as privilegedCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

CIS_Amazon_Linux_2_v3.0.0_L2.audit from CIS Amazon Linux 2 Benchmark v3.0.0CIS Amazon Linux 2 v3.0.0 L2Unix
CIS_Apache_Tomcat_11_v1.0.0_L2.audit from CIS Apache Tomcat 11 Benchmark v1.0.0CIS Apache Tomcat 11 v1.0.0 L2Unix
CIS_Microsoft_SharePoint_2016_OS_v1.1.0_Level_1.audit from CIS Microsoft SharePoint 2016 Benchmark v1.1.0CIS Microsoft SharePoint 2016 OS v1.1.0Windows
CIS_Mozilla_Firefox_38_ESR_v1.0.0_Windows_Level1.audit for CIS Mozilla Firefox 38 ESR v1.0.0CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0Windows
CIS_Mozilla_Firefox_102_ESR_v1.0.0_Windows_Level1.audit for CIS Mozilla Firefox 102 ESR v1.0.0CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows
CIS_MySQL_8.0_Community_Benchmark_v1.1.0_Level_2_Database.audit from CIS Oracle MySQL 8.0 Community Edition BenchmarkCIS MySQL 8.0 Community Database L2 v1.1.0MySQLDB
CIS_MySQL_8.4_Community_Benchmark_v1.0.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.4 Community Edition BenchmarkCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 OS LinuxUnix
CIS_MySQL_8.4_Enterprise_Benchmark_v1.0.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.4 Enterprise Edition BenchmarkCIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL OS LinuxUnix
CIS_Oracle_Linux_8_STIG_v1.0.0_CAT_III.audit from CIS Oracle Linux 8 STIG Benchmark v1.0.0CIS Oracle Linux 8 STIG v1.0.0 CAT IIIUnix
CIS_Oracle_Solaris_11.4_L1_v1.1.0.audit from CIS Oracle Solaris 11.4 Benchmark v1.1.0CIS Oracle Solaris 11.4 L1 v1.1.0Unix
CIS_SUSE_Linux_Enterprise_12_v3.2.1_L1_Server.audit from CIS SUSE Linux Enterprise 12 Benchmark v3.2.1CIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix
CIS_SUSE_Linux_Enterprise_15_v2.0.1_L1_Server.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.1CIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix
CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L2_Server.audit from CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix
CIS_VMware_ESXi_7.0_v1.5.0_L1.audit from CIS VMware ESXi 7.0 Benchmark v1.5.0CIS VMware ESXi 7.0 v1.5.0 L1 Bare MetalUnix