Item Search

Name	Audit Name	Plugin	Category
1.5 Installing ISC BIND 9 - bind9 installation	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix
2.2 Ensure redundant remote authentication servers are configured	CIS F5 Networks v1.0.0 L2	F5	ACCESS CONTROL
2.5.1.6.3 (L1) Ensure 'Turn off RSS feature' is set to 'Enabled'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
4.2 Use trusted base images for containers	CIS Docker 1.11.0 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
5.3 Restrict Linux Kernel Capabilities within containers	CIS Docker 1.11.0 v1.0.0 L1 Docker	Unix	ACCESS CONTROL
5.3.2 Ensure system accounts are secured	CIS Google Container-Optimized OS v1.2.0 L2 Server	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.4.2 Ensure system accounts are secured - lock not root	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	ACCESS CONTROL
5.4.2 Ensure system accounts are secured - lock not root	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.4.2 Ensure system accounts are secured - non login	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	ACCESS CONTROL
5.4.2 Ensure system accounts are secured - non login	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.16 Do not share the host's IPC namespace	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.17 Create specialized keychains for different purposes	CIS Apple OSX 10.10 Yosemite L2 v1.2.0	Unix
5.17 Create specialized keychains for different purposes	CIS Apple OSX 10.11 El Capitan L2 v1.1.0	Unix
6.2.11 Ensure users' dot files are not group or world writable	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure users' dot files are not group or world writable	CIS Red Hat 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure users' dot files are not group or world writable	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure users' dot files are not group or world writable	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure users' dot files are not group or world writable	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure users' dot files are not group or world writable	CIS Red Hat 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.2.12 Ensure users' dot files are not group or world writable	CIS Fedora 28 Family Linux Workstation L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.12 Ensure users' dot files are not group or world writable	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.12 Ensure users' dot files are not group or world writable	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.12 Ensure users' dot files are not group or world writable	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.14 Ensure users' dot files are not group or world writable	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.14 Ensure users' dot files are not group or world writable	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.14 Ensure users' dot files are not group or world writable	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2.14 Ensure users' dot files are not group or world writable	CIS Amazon Linux 2 STIG v2.0.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
10.2.1 Ensure that soft delete for blobs on Azure Blob Storage storage accounts is Enabled	CIS Microsoft Azure Foundations v4.0.0 L1	microsoft_azure	CONTINGENCY PLANNING
18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.19.1 (L1) Ensure 'Turn off desktop gadgets' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.24.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2019 v4.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.9.1.12 (L1) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.9 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.9 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.9 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.12 (BL) Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.12 (BL) Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP.	DISA F5 BIG-IP Access Policy Manager STIG v2r4	F5	IDENTIFICATION AND AUTHENTICATION
KNOX-07-913200 - The Samsung must implement the management setting: Configure to enforce a minimum Container password length of 4 characters	AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
KNOX-07-913600 - The Samsung must implement the management setting: Disable sharing of notification details outside the Container.	AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
PANW-IP-000049 - The Palo Alto Networks security platform must continuously monitor inbound communications traffic for unusual/unauthorized activities or conditions.	DISA STIG Palo Alto IDPS v3r2	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
PANW-IP-000050 - The Palo Alto Networks security platform must continuously monitor outbound communications traffic for unusual/unauthorized activities or conditions.	DISA STIG Palo Alto IDPS v3r2	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
WN12-SO-000042 - IPSec Exemptions must be limited.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000042 - IPSec Exemptions must be limited.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search