Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.9 Ensure the maximum log file size is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.11 Ensure the program name for PostgreSQL syslog messages is correctCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'Postmaster' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.6 Ensure 'User' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.8 Ensure SSL is enabled and configured correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure SSL Certificates are Configured For Replication - ssl cert fileCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

EX19-ED-000159 - Exchange must limit the Receive connector timeout.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

ACCESS CONTROL

Fortigate - Auto backup is configured - 'FortiManager'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONTINGENCY PLANNING

Fortigate - AV License - Not ExpiredTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Disable insecure services - TELNETTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

CONFIGURATION MANAGEMENT

Fortigate - Does not use self-signed certificate - 'admin'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - External Logging - 'fortianalyzer'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - External Logging - 'syslogd'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - HTTPS/SSH admin access strong ciphersTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Inactivity timeout - 'console' <= 5TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - Local Logging is enabledTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - Log WAN optimization messagesTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - SNMP community string - 'public'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

Fortigate - SNMP v3 uses AES instead of DESTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

Fortigate - SSH login grace time <= 30 secondsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

ACCESS CONTROL

Fortigate - System event loggingTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - VPN event loggingTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Client Credentials in Header'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers in use'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND INFORMATION INTEGRITY

Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Setting Session Security - 'Lock session to IP = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Session Security - 'Review Salesforce console User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review user types'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Work.com User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

SonicWALL - SSL Control - Detect SSLv2TNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

WN22-DC-000300 - Windows Server 2022 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA).DISA Microsoft Windows Server 2022 STIG v2r4Windows

IDENTIFICATION AND AUTHENTICATION