Item Search

NameAudit NamePluginCategory
1.1 Remove extraneous files and directories - /conf/Catalina/localhost/manager.xmlCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.1 Remove extraneous files and directories - /webapps/servlet-exampleCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.1 Remove extraneous files and directories - CATALINA_CONF/conf/Catalina/localhost/host-manager.xmlCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/balancerCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/ROOT/adminCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

1.1.6 Ensure that the --insecure-bind-address argument is not setCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.7 - MobileIron - Disable 'Wi-Fi'MobileIron - CIS Google Android 4 v1.0.0 L2MDM

ACCESS CONTROL

1.1.8 - AirWatch - Disable 'Bluetooth'AirWatch - CIS Google Android 4 v1.0.0 L2MDM

ACCESS CONTROL

1.1.12 - AirWatch - Disable 'Notifications'AirWatch - CIS Google Android 4 v1.0.0 L2MDM

ACCESS CONTROL

1.1.16 - MobileIron - Disable View in Lock Screen for apps when device is lockedMobileIron - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL

1.1.18 - MobileIron - Disable View in Lock Screen for apps when device is lockedMobileIron - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL

1.1.18 Ensure that the --authorization-mode argument is not set to AlwaysAllowCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

ACCESS CONTROL

1.1.32 Ensure that the --authorization-mode argument is set to NodeCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

ACCESS CONTROL

1.1.32 Ensure that the --authorization-mode argument is set to NodeCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

ACCESS CONTROL

1.2.1 - AirWatch - Disable JavaScriptAirWatch - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL

1.2.2 - AirWatch - Enable Fraudulent Website WarningAirWatch - CIS Apple iOS 9 v1.0.0 L1MDM

ACCESS CONTROL

1.2.5 - AirWatch - Enable 'Block pop-ups'AirWatch - CIS Google Android 4 v1.0.0 L1MDM

ACCESS CONTROL

1.2.5 - MobileIron - Enable 'Block pop-ups' - 'Samsung SAFE'MobileIron - CIS Google Android 4 v1.0.0 L1MDM

ACCESS CONTROL

1.2.6 - AirWatch - Delete Saved Password InformationAirWatch - CIS Apple iOS 8 v1.0.0 L2MDM

ACCESS CONTROL

1.2.9 - MobileIron - Turn On Do Not TrackMobileIron - CIS Apple iOS 9 v1.0.0 L2MDM

ACCESS CONTROL

2.1 Disable Local-only Graphical Login EnvironmentCIS Solaris 11 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devicesCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.1.5 Ensure that the --read-only-port argument is set to 0CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.11 Disable Apache services - Make sure that /etc/apache/httpd.conf does not exist. Note this check is only applicable for Apache 1.xCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

2.4.1 Disable Remote Apple EventsCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4.3 Disable Screen SharingCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4.6 Disable DVD or CD SharingCIS Apple macOS 10.13 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - AppleFileServerCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.9 Disable Remote ManagementCIS Apple macOS 10.12 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.6 Ensure TLS authentication for Docker daemon is configured --tlscertCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.4 Ensure that the --insecure-bind-address argument is not setCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

3.3.3 Disable DAS discoverabilityCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS LinuxUnix

CONFIGURATION MANAGEMENT

4.1 Restrict Core Dumps - apportCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

4.2 Enable FTP daemon Logging - Make sure that exec is set to /usr/sbin/in.ftpd -a -l -dCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

5.1 Securely Authenticate Zone TransfersCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2 Ensure chargen is not enabledCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

5.3.1 Remove operating system related ESPs - sybsyesp.dllCIS Sybase 15.0 L2 OS Windows v1.1.0Windows

CONFIGURATION MANAGEMENT

5.6 Ensure time is not enabledCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.6 Ensure time is not enabledCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

6.2 Ensure Avahi Server is not enabledCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

6.4 Ensure DHCP Server is not enabled - isc-dhcp-serverCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

6.7 Ensure NFS and RPC are not enabled - rpcbind-boot.confCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

6.11 Ensure IMAP and POP server is not enabledCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

6.13 Ensure HTTP Proxy Server is not enabledCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

7.1 Ensure swarm mode is not Enabled, if not neededCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

7.5.1 Disable DCCPCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

7.5.2 Disable SCTPCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

7.5.4 Disable TIPCCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

7.5.4 Disable TIPCCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT