Item Search

Name	Audit Name	Plugin	Category
1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service	CIS MySQL 5.6 Community Windows OS L1 v2.0.0	Windows	ACCESS CONTROL
1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service	CIS MySQL 5.6 Community Linux OS L1 v2.0.0	Unix	ACCESS CONTROL
1.2.6.3 Ensure passcode have at least 1 number is set to enabled	CIS Zoom L1 v1.0.0	Zoom	CONFIGURATION MANAGEMENT
2.3.5.4 (L1) Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.5.4 (L1) Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL
3.7.2.9 /etc/ssh/sshd_config	CIS IBM AIX 7.1 L1 v2.1.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	ACCESS CONTROL
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	ACCESS CONTROL
49.16 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
CIS_Aliyun_Linux_2_L2_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0	CIS Aliyun Linux 2 L2 v1.0.0	Unix
CIS_Amazon_Linux_2_STIG_v2.0.0_L1_Server.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix
DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured.	DISA STIG Microsoft Outlook 2013 v1r14	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
ESXi: esxi-8.ssh-fips	VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host	Unix	ACCESS CONTROL
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'database location'	DISA STIG for Oracle Linux 5 v2r1	Unix	CONFIGURATION MANAGEMENT
Mitigating an attack using TCP profiles	Tenable F5 BIG-IP Best Practice Audit	F5	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000104 - OHS must have the IndexOptions directive disabled.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	CONFIGURATION MANAGEMENT
OH12-1X-000105 - OHS must have the AddIconByEncoding directive disabled.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	CONFIGURATION MANAGEMENT
OH12-1X-000107 - OHS must have the AddIcon directive disabled - OHS must have the AddIcon directive disabled.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	CONFIGURATION MANAGEMENT
OH12-1X-000229 - The OHS DocumentRoot directory must be in a separate partition from the OHS ServerRoot directory.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	CONFIGURATION MANAGEMENT
OL08-00-010162 - The krb5-workstation package must not be installed on OL 8.	DISA Oracle Linux 8 STIG v2r4	Unix	IDENTIFICATION AND AUTHENTICATION
OL08-00-010163 - The krb5-server package must not be installed on OL 8.	DISA Oracle Linux 8 STIG v2r4	Unix	IDENTIFICATION AND AUTHENTICATION
RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.	DISA Red Hat Enterprise Linux 8 STIG v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
SPLK-CL-000010 - Splunk Enterprise must be installed with FIPS mode enabled, to implement NIST FIPS 140-2 approved ciphers for all cryptographic functions.	DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API	Splunk	SYSTEM AND COMMUNICATIONS PROTECTION
SRG-OS-000250-ESXI5 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs with FIPS 140-2 approved crypto	DISA STIG VMWare ESXi Server 5 STIG v2r1	VMware	ACCESS CONTROL
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONS	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - PRE_CLASSPATH	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - JAVA_OPTIONS	Oracle WebLogic Server 12c Windows v2r2	Windows	CONFIGURATION MANAGEMENT
WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - PRE_CLASSPATH	Oracle WebLogic Server 12c Windows v2r2	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search