Item Search

Name	Audit Name	Plugin	Category
5.14 OAS - 'SSL Cipher Suite - Set SSL Cipher Suite. ssl_cipher_suites = SSL_RSA_WITH_3DES_EDE_CBC_SHA'	CIS v1.1.0 Oracle 11g OS Windows Level 2	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
6.6 Ensure subnets for the Web tier are created	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	SYSTEM AND COMMUNICATIONS PROTECTION
6.7 Ensure subnets for the App tier are created	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	SYSTEM AND COMMUNICATIONS PROTECTION
8.4.4 (L2) Ensure Guest Host Interaction Protocol Handler is set to disabled	CIS VMware ESXi 7.0 v1.4.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.7 (L2) Ensure Unity Window Contents is disabled	CIS VMware ESXi 7.0 v1.4.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.7 Disable Guest Host Interaction Protocol Handler	CIS VMware ESXi 5.1 v1.0.1 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.8 (L2) Ensure Unity Push Update is disabled	CIS VMware ESXi 7.0 v1.4.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.12 (L2) Ensure Request Disk Topology is disabled	CIS VMware ESXi 7.0 v1.4.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.14 (L2) Ensure Guest Host Interaction Tray Icon is disabled	CIS VMware ESXi 7.0 v1.4.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.15 Ensure Unity is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.19 (L2) Ensure Guest Host Interaction Launch Menu is disabled	CIS VMware ESXi 7.0 v1.4.0 L2	VMware	CONFIGURATION MANAGEMENT
18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
18.2.4 Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.1 Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only)	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain.	DISA STIG Cisco IOS XE Switch RTR v3r1	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.SSLFIPS_140 = true'	DISA STIG Oracle 11 Installation v9r1 Linux	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
ESXI-06-100010 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers.	DISA STIG VMware vSphere 6.x ESXi OS v1r5	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
GEN000242 - The system must use at least two time sources for clock synchronization - service ntp server 2	DISA STIG Solaris 10 X86 v2r4	Unix	AUDIT AND ACCOUNTABILITY
MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures.	DISA MariaDB Enterprise 10.x v2r3 DB	MySQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
O112-C2-015700 - The DBMS must use NIST-validated FIPS 140-2-compliant cryptography for authentication mechanisms.	DISA STIG Oracle 11.2g v2r5 Linux	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000256 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000257 - OHS must have the LoadModule ossl_module directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000258 - OHS must have the SSLFIPS directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLWallet	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONS	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONS	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH	Oracle WebLogic Server 12c Linux v2r2	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
WNDF-AV-000031 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Severe - Enabled	DISA STIG Microsoft Defender Antivirus v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WNDF-AV-000040 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level High - 4>2	DISA STIG Microsoft Defender Antivirus v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WNDF-AV-000042 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Low - 1>2	DISA STIG Microsoft Defender Antivirus v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WNDF-AV-000042 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Low - Enabled	DISA STIG Microsoft Defender Antivirus v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search