Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Disable Unused ConnectorsCIS Apache Tomcat 11 v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

1.2 Disable Unused ConnectorsCIS Apache Tomcat 10.1 v1.1.0 L2Unix

CONFIGURATION MANAGEMENT

1.2 Use Dedicated Least Privileged Account for MySQL Daemon/ServiceCIS MySQL 5.6 Community Windows OS L1 v2.0.0Windows

ACCESS CONTROL

1.2 Use Dedicated Least Privileged Account for MySQL Daemon/ServiceCIS MySQL 5.6 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Configure centralized and remote loggingCIS Docker 1.11.0 v1.0.0 L2 DockerUnix

AUDIT AND ACCOUNTABILITY

2.12 Ensure centralized and remote logging is configuredCIS Docker Community Edition v1.1.0 L2 DockerUnix

AUDIT AND ACCOUNTABILITY

2.14 Ensure the 'sa' Login Account has been renamedCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'CIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' - Windows Authentication modeCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

3.1.3.3 Log OSPF Adjacency ChangesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

3.3 Ensure 'Orphaned Users' are Dropped From SQL Server DatabasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL

3.3 Ensure 'Orphaned Users' are Dropped From SQL Server DatabasesCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL

3.4 Ensure SQL Authentication is not used in contained databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL

3.8 Ensure only the default permissions specified by Microsoft are granted to the public server roleCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

ACCESS CONTROL

3.8 Ensure only the default permissions specified by Microsoft are granted to the public server roleCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'CIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - 'FAILED_LOGIN_GROUP'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' - AUDIT_CHANGE_GROUPCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

6.1.1.4 Ensure only one logging system is in useCIS Debian Linux 12 v1.1.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.1.4 Ensure only one logging system is in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.1.4 Ensure only one logging system is in useCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure only one logging system is in useCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure only one logging system is in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

8.8 (L2) VMware Tools must deactivate ContainerInfo unless requiredCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

18.9.14.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.9.14.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.12.2 (L1) Ensure 'Turn off Microsoft consumer experiences' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT

18.10.13.3 (L1) Ensure 'Turn off Microsoft consumer experiences' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

OL08-00-040100 - A firewall must be installed on OL 8.DISA Oracle Linux 8 STIG v2r4Unix

ACCESS CONTROL

OL08-00-040101 - A firewall must be active on OL 8.DISA Oracle Linux 8 STIG v2r4Unix

ACCESS CONTROL

RHEL-08-040100 - A firewall must be installed on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-040101 - A firewall must be active on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEV: ClustersTenable RedHat Enterprise VirtualizationRHEV
RHEV: HostsTenable RedHat Enterprise VirtualizationRHEV
UBTU-16-030030 - An application firewall must be installed.DISA STIG Ubuntu 16.04 LTS v2r3Unix

ACCESS CONTROL

VCENTER-000024 - A least-privileges assignment must be used for the Update Manager database user.DISA STIG VMWare ESXi vCenter 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT