Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure /tmp is configured - systemctlCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.13 Ensure nodev option set on /var/tmp partitionCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.17 Ensure separate partition exists for /homeCIS Amazon Linux 2 STIG v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.17 Ensure separate partition exists for /homeCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.18 Ensure nodev option set on /home partitionCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.19 Ensure noexec option set on removable media partitionsCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.20 Ensure nodev option set on removable media partitionsCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2 Ensure intra-zone traffic is not always allowedCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.7.2 Ensure GDM login banner is configured - banner message enabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.3 Ensure GDM disable-user-list option is enabledCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure GDM disable-user-list option is enabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.1.2 Ensure AirPlay Receiver Is DisabledCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.1.2 Ensure AirPlay Receiver Is DisabledCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.3.1 Ensure Screen Sharing Is DisabledCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.3.7 Ensure Remote Apple Events Is DisabledCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4.1 Ensure Remote Apple Events Is DisabledCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.2 Ensure "Monitor Interfaces" for High Availability devices is enabledCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

2.5.2 Ensure Listen for (Siri) Is DisabledCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.2.1 Ensure Siri Is DisabledCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.3 Ensure Sending Diagnostic and Usage Data to Apple Is DisabledCIS Apple macOS 13.0 Ventura v3.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.3.1 Ensure Share Mac Analytics Is DisabledCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1 Audit Universal Control SettingsCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10 Audit Siri SettingsCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.2 Ensure Power Nap Is Disabled for Intel MacsCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1 Ensure That the Default Network Does Not Exist in a ProjectCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2.1.1 Configure RA GuardCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.3.1 Set 'neighbor password'CIS Cisco IOS XE 17.x v2.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure Bonjour Advertising Services Is DisabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure Bonjour Advertising Services Is DisabledCIS Apple macOS 15.0 Sequoia v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure HTTP Server Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.3 Ensure password reuse is limitedCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.23 Ensure SSH AllowTcpForwarding is disabledCIS Amazon Linux 2 STIG v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.4.1 (L1) Ensure access to VMs through the dvfilter network APIs is configured correctlyCIS VMware ESXi 7.0 v1.5.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.7 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.7 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2019 v4.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2022 v4.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT