Item Search

NameAudit NamePluginCategory
2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'CIS Microsoft Windows 8.1 v2.4.1 L2Windows

ACCESS CONTROL

2.2.43 Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.13 Only enable directory server if absolutely necessary - Ensure file /etc/rc2.d/S72directory does NOT exist.CIS Solaris 9 v1.3Unix

CONFIGURATION MANAGEMENT

3.21 (L2) Host should enable strict lockdown modeCIS VMware ESXi 8.0 v1.2.0 L2VMware

ACCESS CONTROL

5.6 (L2) Ensure Strict Lockdown mode is enabledCIS VMware ESXi 7.0 v1.5.0 L2VMware

ACCESS CONTROL

7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zoneCIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zoneCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

8.1.33 Set 'Web sites in less privileged Web content zones can navigate into this zone' to 'Enabled:Disable'CIS IE 11 v1.0.0Windows

ACCESS CONTROL

AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.DISA STIG Apache Server 2.4 Unix Site v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeoutDISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL

AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeoutDISA STIG Apache Server 2.4 Windows Server v3r3Windows

ACCESS CONTROL

AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeoutDISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL

AS24-W1-000860 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W2-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeoutDISA STIG Apache Server 2.4 Windows Site v2r2Windows

ACCESS CONTROL

DISA_Microsoft_Windows_11_STIG_v2r3.audit from DISA Microsoft Windows 11 STIG v2r3DISA Microsoft Windows 11 STIG v2r3Windows
DISA_Oracle_Linux_8_STIG_v2r4.audit from DISA Oracle Linux 8 STIG v2r4DISA Oracle Linux 8 STIG v2r4Unix
DISA_STIG_Apache_Site-2.2_Unix_v1r11_Middleware.audit from DISA Apache 2.2 Unix STIG v1r11DISA STIG Apache Site 2.2 Unix v1r11 MiddlewareUnix
DISA_STIG_Cisco_ASA_FW_v2r1.audit from DISA Cisco ASA Firewall v2r1 STIGDISA STIG Cisco ASA FW v2r1Cisco
DISA_STIG_Cisco_ASA_VPN_v2r2.audit from DISA Cisco ASA VPN v2r2 STIGDISA STIG Cisco ASA VPN v2r2Cisco
DISA_STIG_IBM_DB2_v10.5_LUW_v2r1_OS_Windows.audit from DISA IBM DB2 V10.5 LUW v2r1 STIGDISA STIG IBM DB2 v10.5 LUW v2r1 OS WindowsWindows
DISA_STIG_Microsoft_Access_2010_v1r11.audit from DISA Microsoft Access 2010 v1r11 STIGDISA STIG Office 2010 Access v1r11Windows
DISA_STIG_Microsoft_Access_2013_v1r7.audit from DISA Microsoft Access 2013 v1r7 STIGDISA STIG Microsoft Access 2013 v1r7Windows
DISA_STIG_Microsoft_Groove_2013_v1r4.audit from DISA Microsoft Groove 2013 v1r4 STIGDISA STIG Microsoft Groove 2013 v1r4Windows
DISA_STIG_Microsoft_InfoPath_2010_v1r12.audit from DISA Microsoft InfoPath 2010 v1r12 STIGDISA STIG Office 2010 InfoPath v1r12Windows
DISA_STIG_Microsoft_Lync_2013_v1r5.audit from DISA Microsoft Lync 2013 v1r5 STIGDISA STIG Microsoft Lync 2013 v1r5Windows
DISA_STIG_Microsoft_OneNote_2013_v1r4.audit from DISA Microsoft OneNote 2013 v1r4 STIGDISA STIG Microsoft OneNote 2013 v1r4Windows
DISA_STIG_Microsoft_Outlook_2010_v1r14.audit from DISA Microsoft Outlook 2010 v1r14 STIGDISA STIG Office 2010 Outlook v1r14Windows
DISA_STIG_Microsoft_Outlook_2013_v1r14.audit from DISA Microsoft Outlook 2013 v1r14 STIGDISA STIG Microsoft Outlook 2013 v1r14Windows
DISA_STIG_Microsoft_Project_2013_v1r5.audit from DISA Microsoft Project 2013 v1r5 STIGDISA STIG Microsoft Project 2013 v1r5Windows
DISA_STIG_Microsoft_Visio_2013_v1r5.audit from DISA Microsoft Visio 2013 v1r5 STIGDISA STIG Microsoft Visio 2013 v1r5Windows
DISA_STIG_MS_Windows_Privileged_Access_Workstation_v3r1.audit from DISA Microsoft Windows PAW v3r1 STIGDISA MS Windows Privileged Access Workstation v3r1Windows
DISA_STIG_Oracle_Linux_5_v2r1.audit from DISA Oracle Linux 5 v2r1 STIGDISA STIG for Oracle Linux 5 v2r1Unix
DISA_STIG_Solaris_10_x86_v2r4.audit from DISA Solaris 10 X86 v2r4 STIGDISA STIG Solaris 10 X86 v2r4Unix
DISA_STIG_Solaris_11_v3r1.audit from DISA Solaris 11 X86 v3r1 STIGDISA STIG Solaris 11 X86 v3r1Unix
DTBI520 - Web sites in less privileged web content zones must be disallowed to navigate into the Restricted Site zone.DISA STIG Microsoft Internet Explorer 9 v1r15Windows

ACCESS CONTROL

EDGE-00-000027 - Web Bluetooth API must be disabled.DISA STIG Edge v2r2Windows

CONFIGURATION MANAGEMENT

Fortigate - Does not use self-signed certificate - 'admin'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

IDENTIFICATION AND AUTHENTICATION

PANW-AG-000115 - The Palo Alto Networks security platform must continuously monitor inbound communications traffic crossing internal security boundaries.DISA STIG Palo Alto ALG v3r4Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

SYMP-AG-000580 - Symantec ProxySG must identify and log internal users associated with denied outgoing communications traffic posing a threat to external information systems - PolicyDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-80-000022 The vCenter VAMI service must off-load log records onto a different system or media from the system being logged.DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1Unix

AUDIT AND ACCOUNTABILITY

VCTR-67-000031 - The vCenter Server must restrict the connectivity between Update Manager and public patch repositories by use of a separate Update Manager Download Server.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security planDISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL

WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security planDISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL