Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Use the updated Linux KernelCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.2.4 Disable the rhnsd DaemonCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.10 Remove talk-serverCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.12 Disable chargen-dgramCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.15 Disable daytime-streamCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.17 Disable echo-streamCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Set Daemon umaskCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

3.6 Ensure 'general_log_file' Has Appropriate PermissionsCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0Windows

ACCESS CONTROL, MEDIA PROTECTION

3.15 Remove SNMP ServerCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

6.2.2 Set LogLevel to INFOCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

6.2.4 Disable SSH X11 ForwardingCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

6.2.5 Set SSH MaxAuthTries to 4 or LessCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.2.6 Set SSH IgnoreRhosts to YesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

6.2.8 Disable SSH Root LoginCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.2.10 Do Not Allow Users to Set Environment Options - PermitUserEnvironment noCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

6.4 Restrict root Login to System ConsoleCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

7.1 (L2) Virtual machines must enable Secure BootCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

7.2 Ensure base backups are configured and functionalCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

CONTINGENCY PLANNING

7.3 Ensure base backups are configured and functionalCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONTINGENCY PLANNING

9.1.4 Verify Permissions on /etc/gshadowCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

Administrative actions are loggedTNS Citrix HypervisorUnix

AUDIT AND ACCOUNTABILITY

CIS_PostgreSQL_14_v 1.2.0_L1_DB.audit from CIS PostgreSQL 14 Benchmark v 1.2.0CIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB
DKER-EE-005070 - Docker Enterprise Swarm manager auto-lock key must be rotated periodically.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

EX13-CA-000140 - Exchange software must be installed on a separate partition from the OS.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION

Install a trusted certificate in place of the default self-signed SSL certificateTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

O112-C2-019600 - The DBMS must verify there have not been unauthorized changes to the DBMS software and information.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

CONFIGURATION MANAGEMENT

O121-C2-019600 - The system must verify there have not been unauthorized changes to the DBMS software and information.DISA STIG Oracle 12c v3r2 DatabaseOracleDB

SYSTEM AND INFORMATION INTEGRITY

Restrict allowed IPv4 addresses used by each VM guestTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Ensure default 'admin' username is not usedTNS SonicWALL v5.9SonicWALL

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Anti-Spyware - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - AutoDownload Firmware - EnabledTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - DMZTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Flood Protection - Layer 3 - Attack ThresholdTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 3 - Protection ModeTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Login Banner - Trusted ZoneTNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

SonicWALL - PW Policy - Lockout - Num Attempts <=3TNS SonicWALL v5.9SonicWALL

ACCESS CONTROL

TCAT-AS-000750 - Tomcat must use FIPS-validated ciphers on secured connectors.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Use a static IP on the storage network interfaceTNS Citrix HypervisorUnix

CONFIGURATION MANAGEMENT

XenServer - All network interfaces are operating in full-duplex modeTNS Citrix XenServerUnix
XenServer - Auto-start is not enabledTNS Citrix XenServerUnix
XenServer - Disallow unplug detection on the storage network interfaceTNS Citrix XenServerUnix
XenServer - Enable QoS on all VM guestsTNS Citrix XenServerUnix
XenServer - Host is enabledTNS Citrix XenServerUnix
XenServer - Passwords stored in 'secrets' are not visibleTNS Citrix XenServerUnix
XenServer - Restrict allowed IPv4 addresses used by each VM guestTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

XenServer - Use a static IP on the management network interfaceTNS Citrix XenServerUnix