Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmodCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobeCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.2 Ensure /tmp is configured - systemctlCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.20 Ensure sticky bit is set on all world-writable directoriesCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2 Ensure intra-zone traffic is not always allowedCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctlyCIS Cisco ASA 9.x Firewall L2 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.7.1.5 Ensure permissions on /etc/issue are configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.2 Ensure GDM login banner is configured - banner message enabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.2.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.1 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.2 Ensure "Monitor Interfaces" for High Availability devices is enabledCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1 Ensure That the Default Network Does Not Exist in a ProjectCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2 Ensure access to Configuration utility by clients using TLS version 1.2 or laterCIS F5 Networks v1.0.0 L1F5

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled'AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled'AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.1.3 Set 'key-string'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.8 Set 'ip authentication key-chain eigrp'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure Bonjour Advertising Services Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1.5 Review AirprintMobileIron - CIS Apple iPadOS 18 v1.0.0 L2 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1.5 Review AirprintMobileIron - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure NFS Server Is DisabledCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.3 Ensure password reuse is limitedCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.3 Ensure default group for the root account is GID 0CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure access to the su command is restricted - /etc/groupCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.11 Ensure no unowned files or directories existCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.12 Ensure no ungrouped files or directories existCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.5 Ensure root is the only UID 0 accountCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.6 Ensure root PATH IntegrityCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.11 Ensure no users have .forward filesCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.12 Ensure no users have .netrc filesCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.14 Ensure no users have .rhosts filesCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.16 Ensure no duplicate UIDs existCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.20 Ensure shadow group is emptyCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.20 Ensure shadow group is emptyCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2016 v3.0.0 L2 DCWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Catalina - Disable AirDropNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Catalina - Disable Messages AppNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Monterey - Disable SiriNIST macOS Monterey v1.0.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable SiriNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable SiriNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION