Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4 OL08-00-010020CIS Oracle Linux 8 STIG v1.0.0 CAT IUnix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

1.220 RHEL-09-255090CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IIUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.265 RHEL-09-291040CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IIUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.446 RHEL-09-671010CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IUnix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-002097 - AIX must protect the confidentiality and integrity of transmitted information during preparation for transmission and maintain the confidentiality and integrity of information during reception and disable all non-encryption network access methods.DISA STIG AIX 7.x v3r1Unix

MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-13-000035 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - OpenSSH versionDISA STIG Apple Mac OSX 10.14 v2r6Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD currently runningDISA STIG Apple Mac OSX 10.14 v2r6Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD service disabledDISA STIG Apple Mac OSX 10.14 v2r6Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - OpenSSH versionDISA STIG Apple Mac OSX 10.15 v1r10Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - SSHD currently runningDISA STIG Apple Mac OSX 10.15 v1r10Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - SSHD service disabledDISA STIG Apple Mac OSX 10.15 v1r10Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-000011 - The macOS system must disable the SSHD service.DISA STIG Apple macOS 11 v1r8Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-000011 - The macOS system must disable the SSHD service.DISA STIG Apple macOS 11 v1r5Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions.DISA STIG Apache Server 2.4 Unix Server v3r2Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleDISA STIG Apache Server 2.4 Windows Server v3r3Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleDISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolDISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolDISA STIG Apache Server 2.4 Windows Server v3r3Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

BIND-9X-001100 - The BIND 9.x server implementation must uniquely identify and authenticate the other DNS server before responding to a server-to-server transaction, zone transfer and/or dynamic update request using cryptographically based bidirectional authentication to protect the integrity of the information in transit.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Enable SSH for Remote Access SessionsNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-001050 - TCP socket binding for all Docker Engine - Enterprise nodes in a Universal Control Plane (UCP) cluster must be disabled.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

GEN007841-ESXI5-000120 - Wireless network adapters must be disabled.DISA STIG VMWare ESXi Server 5 STIG v2r1VMware

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

IBMW-LS-000520 - The WebSphere Liberty Server must use FIPS 140-2 approved encryption modules when authenticating users and processes.DISA IBM WebSphere Liberty Server STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-010020 - OL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA Oracle Linux 8 STIG v2r5Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-000070 - OL 9 must enable FIPS mode.DISA Oracle Linux 9 STIG v1r2Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-30-000009 - The Photon operating system must configure sshd to use approved encryption algorithms.DISA STIG VMware vSphere 7.0 Photon OS v1r4Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-40-000013 The Photon operating system must have the OpenSSL FIPS provider installed to protect the confidentiality of remote access sessions.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-67-000009 - The Photon operating system must configure sshd to use approved encryption algorithms.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000293 - Wireless network adapters must be disabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-07-040300 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-07-040310 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-671010 - RHEL 9 must enable FIPS mode.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

SLES-12-030100 - All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.DISA SLES 12 STIG v3r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000040 - TLS 1.2 must be used on secured HTTP connectors.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000750 - Tomcat must use FIPS-validated ciphers on secured connectors.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-16-030420 - All networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - installedDISA STIG Ubuntu 16.04 LTS v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-16-030420 - All networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - runningDISA STIG Ubuntu 16.04 LTS v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010420 - The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution System (PDS).DISA STIG Ubuntu 18.04 LTS v2r15Unix

SYSTEM AND COMMUNICATIONS PROTECTION

vCenter: vcenter-8.tls-profileVMware vSphere Security Configuration and Hardening GuideVMware

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCFL-67-000006 - vSphere Client must be configured to enable SSL/TLS.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-67-000003 - VAMI must use cryptography to protect the integrity of remote sessions.DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-70-000003 - VAMI must use cryptography to protect the integrity of remote sessions.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCRP-70-000003 - Envoy must be configured to operate in FIPS mode.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCRP-70-000004 - Envoy must use only Transport Layer Security (TLS) 1.2 for the protection of client connections.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCSA-70-000009 - The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

VCSA-80-000009 - The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions.DISA VMware vSphere 8.0 vCenter STIG v2r3VMware

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION