Item Search

Name	Audit Name	Plugin	Category
1.1.2.5.2 Ensure nodev option set on /var/tmp partition	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.5.3 Ensure nosuid option set on /var/tmp partition	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.7.2 Ensure nodev option set on /var/log/audit partition	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.2.4.2.1.18 Set 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' to 'Disabled'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.2.4.2.3.18 Set 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' to 'Disabled'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.2.5 Ensure updates, patches, and additional security software are installed	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.4.1.7 Ensure the MCS Translation Service (mcstrans) is not installed	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.5.5 Ensure kernel.dmesg_restrict is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
1.5.9 Ensure systemd-coredump ProcessSizeMax is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.1.3 Ensure chrony is not run as the root user	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL
2.1.4 Ensure correct system time is configured through NTP	CIS FortiGate 7.4.x v1.0.1 L1	FortiGate	AUDIT AND ACCOUNTABILITY
2.1.4 Ensure correct system time is configured through NTP	CIS Fortigate 7.0.x v1.4.0 L1	FortiGate	AUDIT AND ACCOUNTABILITY
2.2.4 Ensure dns server services are not in use	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.2.7 Ensure ftp server services are not in use	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.2.13 Ensure rsync services are not in use	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.2.18 Ensure web server services are not in use	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.2.22 Ensure only approved services are listening on a network interface	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.1.3 Ensure bluetooth services are not in use	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.1.5 Ensure net.ipv4.conf.default.send_redirects is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.1.7 Ensure net.ipv4.icmp_echo_ignore_broadcasts is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.1.9 Ensure net.ipv4.conf.default.accept_redirects is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.1.14 Ensure net.ipv4.conf.all.accept_source_route is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.1.15 Ensure net.ipv4.conf.default.accept_source_route is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.2.6 Ensure net.ipv6.conf.default.accept_source_route is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
3.3.2.7 Ensure net.ipv6.conf.all.accept_ra is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
5.2.12 Ensure sshd KexAlgorithms is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.2.15 Ensure sshd MACs are configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.2.17 Ensure sshd MaxSessions is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
5.2.22 Ensure sshd UsePAM is enabled	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
5.4.2.1.1 Ensure pam_faillock module is enabled	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
5.4.2.1.2 Ensure password failed attempts lockout is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL
5.4.2.3.1 Ensure pam_pwhistory module is enabled	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
5.5.2.2 Ensure root is the only GID 0 account	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION
5.5.2.4 Ensure root account access is controlled	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.2.8 Ensure accounts without a valid login shell are locked	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.3.2 Ensure default user shell timeout is configured	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	ACCESS CONTROL
6.1.2.6 Ensure rsyslog is not configured to receive logs from a remote client	CIS Amazon Linux 2 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
8.2.3 (L1) Ensure external Teams users cannot initiate conversations	CIS Microsoft 365 Foundations v6.0.1 L1 E3	microsoft_azure	ACCESS CONTROL
8.2.3 (L1) Ensure external Teams users cannot initiate conversations	CIS Microsoft 365 Foundations v6.0.1 L1 E5	microsoft_azure	ACCESS CONTROL
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
ALMA-09-023670 - AlmaLinux OS 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured.	DISA Cloud Linux AlmaLinux OS 9 STIG v1r6	Unix	CONFIGURATION MANAGEMENT
MADB-10-003700 - If MariaDB authentication, using passwords, is employed, then MariaDB must enforce the DOD standards for password complexity.	DISA MariaDB Enterprise 10.x v2r4 DB	MySQLDB	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLWallet	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000258 - OHS must have the SSLFIPS directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OL09-00-006003 - OL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured.	DISA Oracle Linux 9 STIG v1r5	Unix	CONFIGURATION MANAGEMENT
VCLD-67-000034 - VAMI must implement TLS1.2 exclusively - tlsv12	DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
VCSA-70-000077 - The vCenter Server must enable FIPS-validated cryptography.	DISA STIG VMware vSphere 7.0 vCenter v1r3	VMware	IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
VCSA-80-000077 - The vCenter Server must enable FIPS-validated cryptography.	DISA VMware vSphere 8.0 vCenter STIG v2r3	VMware	IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search