Item Search

Name	Audit Name	Plugin	Category
1.6 Ensure 'SCL Quarantine' is 'Enabled'	CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.40 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' - Administrators, NT SERVICE\WdiServiceHost	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
7. OpenStack Networking - Policy.json - 'get_port:queue_id'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
8. OpenStack Networking - Policy.json - 'create_metering_label_rule'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
9. OpenStack Networking - Policy.json - 'create_network:router:external'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
52. OpenStack Networking - Policy.json - 'create_network_profile'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
53. OpenStack Networking - Policy.json - 'delete_floatingip'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
57. OpenStack Networking - Policy.json - 'get_dhcp-agents'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
61. OpenStack Networking - Policy.json - 'create_dhcp-network'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
73. OpenStack Networking - Policy.json - 'get_lsn'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
74. OpenStack Networking - Policy.json - 'update_network:router:external'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
78. OpenStack Networking - Policy.json - 'get_port:binding:vif_type'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
86. OpenStack Networking - Policy.json - 'create_floatingip:floating_ip_address'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
94. OpenStack Networking - Policy.json - 'update_network:shared'	TNS OpenStack Neutron/Networking Security Guide	Unix	ACCESS CONTROL
102. OpenStack Compute - Policy.json - 'os_compute_api:os-baremetal-nodes'	TNS OpenStack Nova/Compute Security Guide	Unix	ACCESS CONTROL
103. OpenStack Compute - Policy.json - 'os_compute_api:os-simple-tenant-usage:show'	TNS OpenStack Nova/Compute Security Guide	Unix	ACCESS CONTROL
ACLs: Filter for RFC 1918 addresses (192.168.0.0/16)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (192.42.172.0/24)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (203.0.113.0/24)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (224.0.0.0/4)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (255.255.255.255/32)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
Adtran : Device Version	TNS Adtran AOS Best Practice Audit	Adtran	CONFIGURATION MANAGEMENT
Authentication: a backup remote authentication server is available	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	ACCESS CONTROL
CPM Filtering: Filter for ICMP - source quench	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
CPM Filtering: Filter for ICMP - time exceeded	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
CPM Filtering: Filter for RSVP	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
DTAM004 - McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur.	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
DTAM004 - McAfee VirusScan On-Access Scanner General Settings must be configured to notify local users when detections occur.	DISA McAfee VirusScan 8.8 Local Client STIG v6r1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
DTAVSEL-105 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types.	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
Event Logging is not available or enabled - Event Logging category checks not performed	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Extreme : Device Info	TNS Extreme ExtremeXOS Best Practice Audit	Extreme_ExtremeXOS	CONFIGURATION MANAGEMENT
Extreme : switch Info	TNS Extreme ExtremeXOS Best Practice Audit	Extreme_ExtremeXOS	CONFIGURATION MANAGEMENT
Fortigate - AAA - TACACS+ server is trusted	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - SNMP v3 auth-priv is not enabled	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach.	DISA STIG Solaris 10 X86 v2r4	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
ICMP: Do not return redirect messages	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
Logging: capture level is set to at least info	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	AUDIT AND ACCOUNTABILITY
Login: FTP is disabled	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	CONFIGURATION MANAGEMENT
Login: SSH is enabled	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	CONFIGURATION MANAGEMENT
PANW-AG-000020 - The Palo Alto Networks security platform, if used as a TLS gateway/decryption point or VPN concentrator, must use NIST FIPS-validated cryptography to protect the integrity of remote access sessions.	DISA STIG Palo Alto ALG v3r4	Palo_Alto	ACCESS CONTROL
PANW-IP-000058 - The Palo Alto Networks security platform must off-load log records to a centralized log server in real-time.	DISA STIG Palo Alto IDPS v3r2	Palo_Alto	AUDIT AND ACCOUNTABILITY
Salesforce.com : Trust and Salesforce.com - Review http://trust.salesforce.com	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND SERVICES ACQUISITION
SNMP is not enabled. SNMP specific checks not performed.	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
SNMP: configure access groups to use privacy	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	IDENTIFICATION AND AUTHENTICATION
SNMP: configure community strings	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	IDENTIFICATION AND AUTHENTICATION
The device does not appear to support or is not configured for administrative password policy settings.	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Time: NTP servers use an authentication key	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	AUDIT AND ACCOUNTABILITY
uRPF: Unicast Reverse Path Forwarding (uRPF) is Enabled	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
WDNS-SI-000007 - The Windows 2012 DNS Server must log the event and notify the system administrator when anomalies in the operation of the signed zone transfers are discovered.	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search