Item Search

Name	Audit Name	Plugin	Category
Fortigate - Admin password lockout threshold - '1-3'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Auto backup is configured - 'FortiManager'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONTINGENCY PLANNING
Fortigate - AV License - Not Expired	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Disable insecure services - TELNET	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Disable SSHv1 admin access	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - DNS - primary server	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - DNS - secondary server	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - Does not use self-signed certificate - 'admin'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Encrypt logs sent to FortiAnalyzer/FortiManager	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - External Logging - 'fortianalyzer'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - External Logging - 'fortianalyzer3'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - External Logging - 'syslogd'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Fortianalyzer2 Logs - severity 'information'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Fortianalyzer3 Logs - severity 'information'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - HTTPS/SSH admin access strong ciphers	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Inactivity timeout - 'console' <= 5	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - Local Logging is enabled	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Log user authentication messages	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Log WAN optimization messages	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - NTP server configuration - *.ntp.org	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Password Complexity - 1 non-alphanum character	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - Review and disable unused interfaces	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - SNMP community string - 'public'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	IDENTIFICATION AND AUTHENTICATION
Fortigate - SNMP v3 uses AES instead of DES	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
Fortigate - SSH login grace time <= 30 seconds	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	ACCESS CONTROL
Fortigate - System event logging	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Fortigate - Use non default admin access ports - 'SSH'	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	CONFIGURATION MANAGEMENT
Fortigate - Wireless-activity event logging	TNS Fortigate FortiOS Best Practices v2.0.0	FortiGate	AUDIT AND ACCOUNTABILITY
Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers in use'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND INFORMATION INTEGRITY
Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Setting Session Security - 'Enable clickjack protection for setup pages = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Setting Session Security - 'Force relogin after Login-As-User = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Lock session to IP = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Review Salesforce console User'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review user types'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review Users that have not changed their password recently'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Review Work.com User'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Session Timeout <= 2 hours'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : User Access - Users have only been modified by known administrators	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL

Detections

Analytics

Item Search