Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.14 Ensure that the admin.conf file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictiveCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

2.2.2 Ensure administrator password retries and lockout time are configuredCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL

2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.8 Ensure that security policies restrict User-ID Agent traffic from crossing into untrusted zonesCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

ACCESS CONTROL

3.1.3 Require explicit authorization for cataloging - 'catalog_noauth = no'CIS IBM DB2 OS L2 v1.2.0Unix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Oracle Linux 8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.07 init.ora - 'os_authent_prefix = NULL String'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Minimize the admission of privileged containersCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Debian Linux 11 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.5 Minimize the admission of containers with allowPrivilegeEscalationCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.23 Benchmark v1.0.1 L2 MasterUnix

ACCESS CONTROL

5.2.10 Ensure SSH root login is disabledCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

ACCESS CONTROL

5.4 Ensure root login is restricted to system consoleCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

5.5 Ensure the 'root' Account Is DisabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL

5.5 Ensure the 'root' Account Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

ACCESS CONTROL

5.6 Ensure the 'root' Account Is DisabledCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL

7.0.2 Establish system control group - 'sysctrl_group value'CIS IBM DB2 OS L2 v1.2.0Unix

ACCESS CONTROL

8.5 Verify that no UID 0 accounts exist other than rootCIS Solaris 9 v1.3Unix

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.13 Do not run applications as privilegedCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL