Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure firewalld service enabled and runningCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.1 Ensure default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.1 Ensure IPv6 default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure default deny firewall policy - Chain FORWARDCIS Debian 8 Workstation L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure default deny firewall policy - Chain OUTPUTCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Distribution Independent Linux Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure IPv6 default deny firewall policy - Chain INPUTCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and runningCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.6 Ensure network interfaces are assigned to appropriate zoneCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure default deny firewall policy - Chain INPUTCIS Distribution Independent Linux Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Debian 9 Server L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain INPUTCIS Debian 8 Workstation L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain OUTPUTCIS Debian 8 Server L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain OUTPUTCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain OUTPUTCIS Debian 8 Workstation L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.1.1 Ensure iptables packages are installed - iptablesCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.2 Ensure ip6tables outbound and established connections are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure Firewall Logging Is Enabled and ConfiguredCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure Firewall Logging Is Enabled and Configured - EnableLoggingCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - INPUTCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure Uncomplicated Firewall is not installed or disabledCIS Debian Family Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - ssCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - ssCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2.1 Ensure default deny firewall policy - OUTPUTCIS Debian Family Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Debian Family Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.1.1 Ensure default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.2.1 Ensure IPv6 default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.2.1 Ensure IPv6 default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Ensure inbound firewall filter is set for Loopback interfaceCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.6 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Windows Server 2012 DC L1 v3.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

38.2 (L1) Ensure 'Enable Domain Network Firewall: Default Inbound Action for Domain Profile' is set to 'Block'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Enable Firewall LoggingNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000233 - OHS hosted web sites must utilize ports, protocols, and services according to PPSM guidelines.DISA STIG Oracle HTTP Server 12.1.3 v2r3Unix

CONFIGURATION MANAGEMENT

SLES-15-010370 - The SUSE operating system must have a firewall system installed to immediately disconnect or disable remote access to the whole operating system.DISA SUSE Linux Enterprise Server 15 STIG v2r4Unix

ACCESS CONTROL

UBTU-18-010507 - The Ubuntu operating system must enable and run the uncomplicated firewall(ufw).DISA STIG Ubuntu 18.04 LTS v2r15Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

UBTU-20-010454 - The Ubuntu operating system must have an application firewall enabled.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

CONFIGURATION MANAGEMENT