Item Search

Name	Audit Name	Plugin	Category
ESXI-80-000202 - The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.	DISA VMware vSphere 8.0 ESXi STIG v2r3	Unix	CONFIGURATION MANAGEMENT
ESXI-80-000209 - The ESXi host Secure Shell (SSH) daemon must not permit tunnels.	DISA VMware vSphere 8.0 ESXi STIG v2r3	Unix	CONFIGURATION MANAGEMENT
GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts.	AirWatch - DISA Google Android 15 COBO v1r2	MDM	ACCESS CONTROL
GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	ACCESS CONTROL
GOOG-15-006500 - Google Android 15 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].	MobileIron - DISA Google Android 15 COBO v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-006700 - Google Android 15 allow list must be configured to not include applications with the following characteristics:	AirWatch - DISA Google Android 15 COBO v1r2	MDM	IDENTIFICATION AND AUTHENTICATION
GOOG-15-006700 - Google Android 15 allow list must be configured to not include applications with the following characteristics:	MobileIron - DISA Google Android 15 COBO v1r2	MDM	IDENTIFICATION AND AUTHENTICATION
GOOG-15-007400 - Google Android 15 must be configured to disable developer modes.	AirWatch - DISA Google Android 15 COBO v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-007400 - Google Android 15 must be configured to disable developer modes.	MobileIron - DISA Google Android 15 COPE v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-007800 - Google Android 15 must be configured to generate audit records for the following auditable events: Detected integrity violations.	MobileIron - DISA Google Android 15 COPE v1r2	MDM	AUDIT AND ACCOUNTABILITY
GOOG-15-008400 - Google Android 15 must be configured to disable USB mass storage mode.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems.	MobileIron - DISA Google Android 15 COPE v1r2	MDM	SYSTEM AND COMMUNICATIONS PROTECTION
GOOG-15-009900 - Google Android 15 must be configured to disable Wi-Fi Sharing.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-009950 - Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled.	MobileIron - DISA Google Android 15 COBO v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-009950 - Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-010100 - The Google Android 15 work profile must be configured to prevent users from adding personal email accounts to the work email app.	MobileIron - DISA Google Android 15 COPE v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-010300 - Google Android 15 must be provisioned as a fully managed device and configured to create a work profile.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input.	AirWatch - DISA Google Android 15 COBO v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input.	MobileIron - DISA Google Android 15 COBO v1r2	MDM	CONFIGURATION MANAGEMENT
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input.	AirWatch - DISA Google Android 15 COPE v1r2	MDM	CONFIGURATION MANAGEMENT
RHEL-09-253045 - RHEL 9 must not forward IPv4 source-routed packets by default.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-253050 - RHEL 9 must use a reverse-path filter for IPv4 network traffic when possible by default.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-253055 - RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-254015 - RHEL 9 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-254025 - RHEL 9 must not enable IPv6 packet forwarding unless the system is a router.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-255175 - RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-411060 - All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd file.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-412070 - RHEL 9 must define default permissions for the system default profile.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-431020 - RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	ACCESS CONTROL
RHEL-09-611030 - RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	ACCESS CONTROL
RHEL-09-611155 - RHEL 9 must not have accounts configured with blank or null passwords.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	IDENTIFICATION AND AUTHENTICATION
RHEL-09-652025 - RHEL 9 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	CONFIGURATION MANAGEMENT
RHEL-09-653020 - RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
RHEL-09-653115 - RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
RHEL-09-654200 - Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	AUDIT AND ACCOUNTABILITY
SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel.	DISA SLES 12 STIG v3r2	Unix	CONFIGURATION MANAGEMENT
WN22-00-000200 - Windows Server 2022 accounts must require passwords.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	IDENTIFICATION AND AUTHENTICATION
WN22-00-000240 - Windows Server 2022 must have software certificate installation files removed.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-00-000350 - Windows Server 2022 must not have Simple TCP/IP Services installed.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-00-000400 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-00-000460 - Windows Server 2022 systems must have Unified Extensible Firmware Interface (UEFI) firmware and be configured to run in UEFI mode, not Legacy BIOS.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-AU-000170 - Windows Server 2022 must be configured to audit Logon/Logoff - Group Membership successes.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	AUDIT AND ACCOUNTABILITY
WN22-CC-000100 - Windows Server 2022 must be configured to enable Remote host allows delegation of nonexportable credentials.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-CC-000110 - Windows Server 2022 virtualization-based security must be enabled with the platform security level configured to Secure Boot or Secure Boot with DMA Protection.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-CC-000290 - Windows Server 2022 System event log size must be configured to 32768 KB or greater.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search