Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.5 Ensure Interactive Login is DisabledCIS MySQL 5.6 Community Windows OS L2 v2.0.0Windows

ACCESS CONTROL

1.5 Ensure Interactive Login is DisabledCIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0Windows

ACCESS CONTROL

1.16 Ensure that Snowflake stored procedures are not owned by the ACCOUNTADMIN or SECURITYADMIN rolesCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

2.1.2 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON'CIS Oracle Server 19c Windows v1.2.0Windows

ACCESS CONTROL

2.1.3 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON'CIS Oracle Server 18c Linux v1.1.0Unix

ACCESS CONTROL

3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privilegesCIS MongoDB 7 v1.1.0 L1 MongoDBMongoDB

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 OS v1.3.0Windows

ACCESS CONTROL

3.6 Ensure the SQL Server's SQLAgent Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.4.0 L1 AWS RDSMS_SQLDB

ACCESS CONTROL

3.6.1.2 OpenSSH - PermitRootLoginCIS IBM AIX 7.1 L2 v2.1.0Unix

ACCESS CONTROL

4.1 Ensure sudo is configured correctly - /etc/sudoers.d/postgresCIS PostgreSQL 12 OS v1.1.0Unix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.4 Ensure No Users Are Assigned the 'DEFAULT' ProfileCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

5.2 Ensure 'FILE' is Not Granted to Non-Administrative UsersCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

5.2 Ensure 'FILE' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.2 Ensure 'FILE' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.2.2 Minimize the admission of privileged containersCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.24 Benchmark v1.0.0 L2 MasterUnix

ACCESS CONTROL

5.2.8 Ensure SSH root login is disabledCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL

5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Community Database L2 v2.0.0MySQLDB

ACCESS CONTROL

5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Community Database L2 v2.0.0MySQLDB

ACCESS CONTROL

5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Enterprise Database L2 v2.0.0MySQLDB

ACCESS CONTROL

5.3.2 Ensure sudo commands use ptyCIS CentOS Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

5.3.4 Ensure users must provide password for escalationCIS CentOS Linux 8 Server L2 v2.0.0Unix

ACCESS CONTROL

5.3.12 Ensure SSH root login is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.12 Ensure SSH root login is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.6 Ensure 'CREATE USER' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.6 Ensure 'CREATE USER' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.6 Ensure the "root" Account Is DisabledCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

ACCESS CONTROL

5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

9.3 Ensure 'super_priv' is Not Set to 'Y' for Replication UsersCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication UsersCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication UsersCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.13 Do not run applications as privilegedCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

20.7 (L1) Ensure 'Standard user accounts do not have Administrator privileges'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL