Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device managementCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMPCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPSCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.8 Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.9 Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE, Users'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.11 Ensure 'Create a token object' is set to 'No One'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.24 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.4.1 (L1) Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators and Interactive Users'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.3.4.1 Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators and Interactive Users'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.130 - User Account Control - Behavior of elevation prompt for administratorsDISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.132 - User Account Control - Detect Application InstallationsDISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.134 - User Account Control - Elevate UIAccess applications that are in secure locationsDISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.135 - User Account Control - Switch to secure desktopDISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.136 - User Account Control - Non UAC Compliant Application VirtualizationDISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.141 - User Account Control - Executable ElevationDISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

5.132 - Require username and password to elevate a running application.DISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.85.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

19.7.41.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

CD12-00-004000 - PostgreSQL must isolate security functions from non-security functions.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001620 - Kubernetes Kubelet must enable kernel protection.DISA STIG Kubernetes v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-R2-000940 - Rancher RKE2 runtime must isolate security functions from nonsecurity functions.DISA Rancher Government Solutions RKE2 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI485 - Protected Mode must be enforced (Internet zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI490 - Protected Mode must be enforced (Restricted Sites zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI610 - Internet Explorer Processes for Zone Elevation must be enforced (Reserved).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI612 - Internet Explorer Processes for Zone Elevation must be enforced (Explorer).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI614 - Internet Explorer Processes for Zone Elevation must be enforced (IExplore).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-005800 - The EDB Postgres Advanced Server must isolate security functions from nonsecurity functions.EnterpriseDB PostgreSQL Advanced Server DB v2r1PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-006500 - The MySQL Database Server 8.0 must isolate security functions from non-security functions.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

O19C-00-017100 - Oracle Database must isolate security functions from nonsecurity functions by means of separate security domains.DISA Oracle Database 19c STIG v1r1 DatabaseOracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-010170 - OL 8 must use a Linux Security Module configured to enforce limits on system services.DISA Oracle Linux 8 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-010422 - OL 8 must disable virtual syscalls.DISA Oracle Linux 8 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-010423 - RHEL 8 must clear memory when it is freed to prevent use-after-free attacks.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-431025 - RHEL 9 must have policycoreutils package installed.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-24-600130 - Ubuntu 24.04 LTS must ensure only users who need access to security functions are part of sudo group.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VCPG-67-000017 - VMware Postgres must not allow schema access to unauthorized accounts.DISA STIG VMware vSphere 6.7 PostgreSQL v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VCPG-70-000015 - VMware Postgres must not allow schema access to unauthorized accounts.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VCTR-67-000051 - The vCenter Server users must have the correct roles assigned.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

SYSTEM AND COMMUNICATIONS PROTECTION

WINRG-000003 - Local administrator accounts must have their privileged token filtered to prevent elevated privileges.DISA Windows Vista STIG v6r41Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-SO-000250 - User Account Control must prompt administrators for consent on the secure desktop.DISA Microsoft Windows 11 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-SO-000260 - User Account Control must be configured to detect application installations and prompt for elevation.DISA Microsoft Windows 11 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-SO-000265 - User Account Control must only elevate UIAccess applications that are installed in secure locations.DISA Microsoft Windows 11 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-SO-000275 - User Account Control must virtualize file and registry write failures to per-user locations.DISA Microsoft Windows 11 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-CC-000240 - Windows Server 2022 administrator accounts must not be enumerated during elevation.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-MS-000020 - Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-SO-000390 - Windows Server 2022 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-SO-000400 - Windows Server 2022 User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION