Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.1 Ensure 'Enforce user logon restrictions' is set to 'Enabled' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.1 Ensure ip6tables default deny firewall policyCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.1 Ensure IPv6 default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure default deny firewall policy - Chain FORWARDCIS Debian 9 Server L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure default deny firewall policy - Chain INPUTCIS Debian 9 Server L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure default deny firewall policy - Chain INPUTCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure IPv6 default deny firewall policy - Chain OUTPUTCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure default deny firewall policy - Chain FORWARDCIS Distribution Independent Linux Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Debian 8 Workstation L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain INPUTCIS Debian 8 Server L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.1 Ensure ip6tables default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.1 Ensure ip6tables default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.1 Ensure ip6tables default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - INPUTCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - OUTPUTCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - ssCIS Oracle Linux 6 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - ssCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - ssCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2.1 Ensure default deny firewall policy - OUTPUTCIS Debian Family Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Debian Family Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.1.1 Ensure default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.2.1 Ensure IPv6 default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.6 Ensure ufw firewall rules exist for all open portsCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.6 Ensure ufw firewall rules exist for all open portsCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.6 Ensure ufw firewall rules exist for all open portsCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.1 Ensure iptables default deny firewall policyCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.6 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.5 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

CISC-ND-001150 - The Cisco router must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based.DISA Cisco IOS Router NDM STIG v3r4Cisco

IDENTIFICATION AND AUTHENTICATION

DG0071-ORACLE11 - New passwords must be required to differ from old passwords by more than four characters - 'PASSWORD_VERIFY_FUNCTION is not set to NULL or DEFAULT'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
Ensure timezone is properly configuredTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

CONFIGURATION MANAGEMENT

First Hop Security - IP Inspection - Admin StatusTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

OH12-1X-000233 - OHS hosted web sites must utilize ports, protocols, and services according to PPSM guidelines.DISA STIG Oracle HTTP Server 12.1.3 v2r3Unix

CONFIGURATION MANAGEMENT

Syslog Remote Destination - HostTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY