Detections
Analytics

Item Search

NameAudit NamePluginCategory
Ensure /etc/hosts.allow is configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure /etc/hosts.deny is configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure bogus ICMP responses are ignored - /etc/sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure DCCP is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure discretionary access control permission modification events are collected - auditctl b32 setxattrTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure discretionary access control permission modification events are collected - auditctl b64 setxattrTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify date and time information are collected - audit.rules b64 clock_settimeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify date and time information are collected - auditctl b32 clock_settimeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify date and time information are collected - auditctl b64 clock_settimeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify the system's network environment are collected - auditctl b32 sethostnameTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify the system's network environment are collected - b32 sethostnameTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify user/group information are collected - auditctl /etc/gshadowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure file deletion events by users are collected - auditctl b64 unlinkTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure GDM login banner is configured - system-dbTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure LDAP client is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure LDAP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure Samba is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure SSH LoginGraceTime is set to one minute or lessTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure SSH MaxAuthTries is set to 4 or lessTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure SSH PermitEmptyPasswords is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure TCP SYN Cookies is enabled - sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure TCP Wrappers is installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - full-first-warning-threshold <= 75%TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - SNMP v3 uses AES instead of DESTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Compliance Policy - Encryption of data storage on deviceTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL

Windows Compliance Policy - Minimum password lengthTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Compliance Policy - Password expiration (days)Tenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Compliance Policy - Require a password to unlock mobile devicesTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Device Configuration - Behavior monitoringTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

CONFIGURATION MANAGEMENT

Windows Device Configuration - Browser AutofillTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - CameraTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - DevicesTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - End-user access to DefenderTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - GamingTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - GeolocationTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - Maximum minutes of inactivity until screen locksTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL

Windows Device Configuration - Network Inspection SystemTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

CONFIGURATION MANAGEMENT

Windows Device Configuration - NFCTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - PasswordTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Device Configuration - Password expiration (days)Tenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Device Configuration - PersonalizationTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - Real-time monitoringTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

CONFIGURATION MANAGEMENT

Windows Device Configuration - Required password typeTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Device Configuration - Scan incoming mail messagesTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

CONFIGURATION MANAGEMENT

Windows Device Configuration - Time and LanguageTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - USB connectionTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT