Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.1 Ensure authentication required for single user modeCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3.3 Ensure authentication required for single user modeCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.2 Ensure permissions on bootloader config are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.3 Ensure authentication required for single user modeCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.4 Ensure prelink is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.6 Ensure the Ctrl-Alt-Delete key sequence is disabled.CIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1 Ensure message of the day is configured properly - mrsvCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.4 Ensure remote login warning banner is configured properly - banner textCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.1 Ensure GDM login banner is configuredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure last logged in user display is disabled - system-db:gdmCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.19 Ensure the operating system enables a user's session lock until that user re-establishes accessCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.1 Ensure USBGuard is installed on the operating systemCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.1 Ensure Location Services Is EnabledCIS Apple macOS 14.0 Sonoma v2.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.2 Ensure 'Show Location Icon in Control Center when System Services Request Your Location' Is EnabledCIS Apple macOS 14.0 Sonoma v2.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10.3 Ensure a Custom Message for the Login Screen Is EnabledCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15.1 Audit Notification SettingsCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.16 Ensure no login exists with the name 'sa'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.6 Ensure broadcast ICMP requests are ignoredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.9 Ensure TCP SYN Cookies is enabled - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.10 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra = 0'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.17 Ensure sshd MaxStartups is configuredCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.18 Ensure sshd MaxStartups is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.1 Ensure cron daemon is enabled and running - enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.4.11 Ensure cryptographic mechanisms are used to protect the integrity of audit toolsCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.1.2 Ensure pam_faillock module is enabledCIS Rocky Linux 10 v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.1.2 Ensure pam_faillock module is enabledCIS Rocky Linux 10 v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.2.2 Ensure pam_faillock module is enabledCIS Rocky Linux 8 v3.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.2.2 Ensure pam_faillock module is enabledCIS Rocky Linux 8 v3.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.11 Ensure SSH HostbasedAuthentication is disabledCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.13 Ensure SSH PermitEmptyPasswords is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.18 Ensure only strong Key Exchange algorithms are used - approved algorithmsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.21 Ensure SSH warning banner is configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.3 Ensure password expiration warning days is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.3 Ensure password expiration warning days is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.4 (L1) Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.5 (L1) Ensure 'Configure security policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION