Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of squashfs filesystems is disabledCIS Amazon Linux 2 STIG v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.2 Ensure permissions on bootloader config are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.3 Ensure authentication required for single user modeCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.4 Ensure prelink is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.6 Ensure the Ctrl-Alt-Delete key sequence is disabled.CIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.4 Ensure remote login warning banner is configured properlyCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.1 Ensure GDM login banner is configuredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Ensure the 'sa' Login Account has been renamedCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.16 Ensure no login exists with the name 'sa'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.18 Ensure 'debug_print_plan' is disabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.4 Ensure secure ICMP redirects are not acceptedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.6 Ensure broadcast ICMP requests are ignoredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.10 Ensure IPv6 router advertisements are not acceptedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.17 Ensure sshd MaxStartups is configuredCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.17 Ensure sshd MaxStartups is configuredCIS Red Hat EL8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.17 Ensure sshd MaxStartups is configuredCIS Rocky Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Rocky Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS Oracle Linux 8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS Red Hat EL8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v4.0.0 L2Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.10.19.2 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.1 Ensure cron daemon is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.4.11 Ensure cryptographic mechanisms are used to protect the integrity of audit toolsCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.10 Ensure SSH IgnoreRhosts is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.19 Ensure SSH Idle Timeout Interval is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.21 Ensure SSH warning banner is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.3 Ensure password expiration warning days is 7 or moreCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.4 Ensure inactive password lock is 30 days or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.2 Ensure Show Password Hints Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.12 Ensure no ungrouped files or directories existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.5 Ensure no duplicate user names existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.6 Ensure no duplicate group names existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.8 Ensure no duplicate GIDs existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.9 Ensure root is the only UID 0 accountCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.11 Ensure all users' home directories existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

15.2 (L1) Ensure 'Refresh cadence' is set to '90' (or less)CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.5 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.5 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.4 (L1) Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.33.6.3 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (on battery)' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 BitLockerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.33.6.3 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (on battery)' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.33.6.3 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (on battery)' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION