Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.16 Ensure that Snowflake stored procedures are not owned by the ACCOUNTADMIN or SECURITYADMIN rolesCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

2.1.2 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON'CIS Oracle Server 19c Windows v1.2.0Windows

ACCESS CONTROL

2.1.3 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON'CIS Oracle Server 18c Linux v1.1.0Unix

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 OS v1.3.0Windows

ACCESS CONTROL

3.6.1.2 OpenSSH - PermitRootLoginCIS IBM AIX 7.1 L2 v2.1.0Unix

ACCESS CONTROL

4.1 Ensure sudo is configured correctly - /etc/sudoers.d/postgresCIS PostgreSQL 12 OS v1.1.0Unix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.4 Ensure No Users Are Assigned the 'DEFAULT' ProfileCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 10 v1.0.0 L1 ServerUnix

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 10 v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.1.21 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.1.22 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 8 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2 Ensure 'FILE' is Not Granted to Non-Administrative UsersCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 10 v1.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 10 v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 8 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 10 v1.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS AlmaLinux OS 8 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS AlmaLinux OS 8 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 8 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 8 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Minimize the admission of privileged containersCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Rocky Linux 8 v3.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Red Hat Enterprise Linux 10 v1.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Red Hat Enterprise Linux 8 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Red Hat Enterprise Linux 10 v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 8 v3.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.5 Ensure users must provide password for escalationCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

ACCESS CONTROL

5.2.6 Ensure sudo timestamp_timeout is configuredCIS Red Hat Enterprise Linux 10 v1.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.6 Ensure sudo timestamp_timeout is configuredCIS Oracle Linux 8 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.24 Benchmark v1.0.0 L2 MasterUnix

ACCESS CONTROL

5.2.8 Ensure SSH root login is disabledCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL

5.3.12 Ensure SSH root login is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.12 Ensure SSH root login is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

9.3 Ensure 'super_priv' is Not Set to 'Y' for Replication UsersCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.13 Do not run applications as privilegedCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL