Item Search

Name	Audit Name	Plugin	Category
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.23 Ensure that the --service-account-lookup argument is set to true	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.23 Ensure that the --service-account-lookup argument is set to true	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.26 Ensure that the --service-account-lookup argument is set to true	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabled	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL, CONFIGURATION MANAGEMENT
2.6 Ensure that the User-ID service account does not have interactive logon rights	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL
2.7 Ensure remote access capabilities for the User-ID service account are forbidden.	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL
5.1.8 Ensure at/cron is restricted to authorized users - at.allow	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - at.deny	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - cron.allow	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - cron.deny	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure cron is restricted to authorized users	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure cron is restricted to authorized users - /etc/cron.deny	CIS Red Hat 6 Server L1 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure cron is restricted to authorized users - /etc/cron.deny	CIS Red Hat 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users - /etc/at.allow	CIS Red Hat 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users - /etc/at.allow	CIS Red Hat 6 Server L1 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users - /etc/at.allow	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users - /etc/at.deny	CIS Red Hat 6 Server L1 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users - /etc/at.deny	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4.1.1 Ensure password expiration is 365 days or less - login.defs	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.1 Ensure password expiration is 365 days or less - login.defs	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.1 Ensure password expiration is 365 days or less - users	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.1 Ensure password expiration is 365 days or less - users	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defs	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defs	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.2 Ensure minimum days between password changes is 7 or more - users	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.3 Ensure password expiration warning days is 7 or more - login.defs	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.3 Ensure password expiration warning days is 7 or more - login.defs	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.3 Ensure password expiration warning days is 7 or more - users	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.3 Ensure password expiration warning days is 7 or more - users	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.4 Ensure inactive password lock is 30 days or less - users	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.4 Ensure inactive password lock is 30 days or less - users	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.5 Ensure all users last password change date is in the past	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.1.5 Ensure all users last password change date is in the past	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.2 Ensure system accounts are non-login	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4.2 Ensure system accounts are secured	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.2 Ensure system accounts are secured	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.2 Ensure system accounts are secured - non-login shell	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.2 Ensure system accounts are secured - unlocked non-root	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.2 Ensure system accounts are secured - unlocked non-root	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.3 Ensure all groups in /etc/passwd exist in /etc/group - GIDs referenced in the /etc/passwd file are defined in the /etc/group file.	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.13 Ensure all groups in /etc/passwd exist in /etc/group	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.6.5 Ensure all Custom Login Classes Forbid Shell Access	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	ACCESS CONTROL
7.2 FileVault and Local Account Password Reset using AppleID	CIS Apple macOS 10.14 v2.0.0 L2	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search