Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

CONFIGURATION MANAGEMENT

ACLs: Filter for RFC 1918 addresses (10.0.0.0/8)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (0.0.0.0/8)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (169.254.0.0/16)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (224.0.0.0/4)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

Authentication: enable remote authenticationTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

Authentication: local authentication is available as a last resortTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

BGP: Authenticate peersTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

ACCESS CONTROL

Fortigate - Alert Emails - 'admin address'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

Fortigate - AV License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable auto USB installation - 'config'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Does not use self-signed certificate - 'admin'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - Does not use self-signed certificate - 'user'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - External Logging - 'fortianalyzer2'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - External Logging - 'syslog3'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Fortianalyzer3 Logs - severity 'information'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - full-first-warning-threshold <= 75%TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - HTTPS/SSH admin access strong ciphersTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Inactivity timeout - 'global' <= 5TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - NTP server configuration - *.ntp.orgTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Password Expiry date <= 30 daysTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - SNMP v3 uses AES instead of DESTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Login: FTP is disabledTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

Login: Telnet is disabled (IPv6)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

Password Complexity: Require at least one uppercase and one lowercase letterTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Key'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Default Scope'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Execution User ID'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers in use'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Email Services - 'IsTextAttachmentsAsBinary = False'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Monitoring Login History - 'Inactive System Administrators'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Network-Based Security - 'Login IP Addresses'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

AUDIT AND ACCOUNTABILITY

Salesforce.com : Network-Based Security - 'Trusted IP Ranges exist'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'Must mix numbers, uppercase and lowercase letters, and special characters'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Session Security - 'Enable caching and autocomplete = false'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup Salesforce pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Enable CSRF protection on GET requests on non-setup pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Lock session to IP = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

SalesForce.com : Setting Session Security - 'Review Active Users'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Apex Mobile User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review user types'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Work.com User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : User Access - Users have only been modified by known administratorsTNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Spanning Tree: enable edge-portTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION