Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.6 Ensure the log file permissions are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

3.1.17 Ensure 'debug_pretty_print' is enabledCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.23 Ensure 'log_statement' is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.6 Ensure the set_user extension is installedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure base backups are configured and functionalCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

CONTINGENCY PLANNING

8.4 Ensure miscellaneous configuration settings are correctCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

Fortigate - Auto backup is configured - 'FortiManager'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONTINGENCY PLANNING

Fortigate - AV License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable insecure services - TELNETTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Does not use self-signed certificate - 'admin'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - External Logging - 'fortianalyzer'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - full-second-warning-threshold <= 90%TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Inactivity timeout - 'console' <= 300TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Local Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Login Banner - pre-login-bannerTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Review the NTP server configurationTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Send malware statistics to FortiGuard 'Disabled'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - SNMP v3 users have passwordsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - Syslog3 Logging - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Salesforce.com : Administrator Access - 'No System Administrator accounts have been created since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Administrator Access - 'No System Administrator accounts have been modified since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : AuthConfig - 'Auth Providers = Facebook Execution User ID'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = Janrain'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Client Credentials in Header'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers in use'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND INFORMATION INTEGRITY

Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Lock session to IP = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Session Security - 'Review Salesforce console User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review user types'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Work.com User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

SalesForce.com : User Permissions - 'Review Active System Administrators'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL