Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.2.1 Set 'Windows Firewall: Private: Firewall state' to 'On (recommended)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.3.1 Set 'Windows Firewall: Public: Outbound connections' to 'Allow (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.3.4 Set 'Windows Firewall: Public: Logging: Log dropped packets' to 'Yes'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.3 Enable FirewallCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Ensure the SharePoint Central Administration site is not accessible from Extranet or Internet connectionsCIS Microsoft SharePoint 2016 OS v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.cifs is not blank'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.ftpd has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.ndmp has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled - sysctlCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled (sysctl exec)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.all.send_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.default.send_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.default.send_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'sysctl net.ipv4.conf.all.send_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'sysctl net.ipv4.conf.default.send_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled 'net.ipv4.conf.all.send_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled 'net.ipv4.conf.default.send_redirects = 0 - sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Data ONTAP (Software) Mgmt - 'httpd.admin.hostsequiv.enable = off'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route = 0 - sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.default.accept_source_route' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'sysctl net.ipv4.conf.all.accept_source_route'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.secure_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.default.secure_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.6 Ensure bogus ICMP responses are ignored (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra = 0 sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.default.accept_redirects = 0'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2 Ensure /etc/hosts.allow is configuredCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - OUTPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - OUTPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - FORWARDCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3 Ensure IPv6 outbound and established connections are configuredCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.4 Ensure IPv6 firewall rules exist for all open ports - ssCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Disable Bonjour advertising serviceCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.5 Ensure Content trust for Docker is EnabledCIS Docker v1.7.0 L2 Docker - LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

4.5.4 Create /etc/hosts.denyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.6 Ensure sensitive host system directories are not mounted on containersCIS Docker v1.7.0 L1 Docker - LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.88.2.4 Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.88.2.4 Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.89.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure default deny firewall policy - Chain OUTPUTTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure loopback traffic is configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure TCP Wrappers is installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION