Item Search

Name	Audit Name	Plugin	Category
1.6.2 Ensure 'SSH version 2' is enabled	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
3.4.1.1 Ensure ufw is installed	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.1 Ensure nftables is installed	CIS Oracle Linux 7 v4.0.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.1 Ensure nftables is installed	CIS Oracle Linux 7 v4.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.1 Ensure nftables is installed	CIS CentOS Linux 7 v4.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.1 Ensure nftables is installed	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.4.1.2 Ensure nftables is not installed	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.1 Ensure ufw is installed	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.1 Ensure nftables is installed	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1.2 Ensure nftables is not installed	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1.2 Ensure nftables is not installed with iptables	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1.2 Ensure nftables is not installed with iptables	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1.2 Ensure nftables is not installed with iptables	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3.1.2 Ensure nftables is not installed	CIS Debian Family Server L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.1.1 Ensure ufw is installed	CIS Debian Linux 11 v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.1.1 Ensure ufw is installed	CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.1.1 Ensure ufw is installed	CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Debian Family Server L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.4 Ensure rsyslog is configured to send logs to a remote log host	CIS Amazon Linux 2 STIG v1.0.0 L1	Unix	AUDIT AND ACCOUNTABILITY
4.3.1.2 Ensure nftables is not installed with iptables	CIS Debian Linux 11 v2.0.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Red Hat EL8 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Debian 10 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Debian 10 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.3 Restrict Linux Kernel Capabilities within containers	CIS Docker 1.13.0 v1.0.0 L1 Docker	Unix	ACCESS CONTROL
6.1.2 Set SSH Protocol to 2 - Check if Protocol is set to 2 and not commented for client.	CIS Solaris 10 L1 v5.2	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
6.2.3.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3 Ensure 'log_error_verbosity' is Set to '2'	CIS MySQL 5.7 Enterprise Database L2 v2.0.0	MySQLDB	AUDIT AND ACCOUNTABILITY
6.3 Ensure 'log_error_verbosity' is Set to '2'	CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database	MySQLDB	AUDIT AND ACCOUNTABILITY
6.3 Ensure 'log_error_verbosity' is Set to '2'	CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS	MySQLDB	AUDIT AND ACCOUNTABILITY
6.3 Ensure 'log_warnings' Is Set to '2'	CIS MySQL 5.6 Enterprise Database L2 v2.0.0	MySQLDB	AUDIT AND ACCOUNTABILITY
7.7 Ensure Firewall is active - iptables-persistent run level 4	CIS Debian Linux 7 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Access Security - SSH - Use SSH version 2	Juniper Hardening JunOS 12 Devices Checklist	Juniper	CONFIGURATION MANAGEMENT
CIS_Solaris_11_L2_v1.1.0.audit Level 2	CIS Solaris 11 L2 v1.1.0	Unix
Enhanced secure mode	ArubaOS Switch 16.x Hardening Guide v1.0.0	ArubaOS	CONFIGURATION MANAGEMENT
Ensure mounting of squashfs filesystems is disabled - lsmod	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Excel 2 macrosheets and add-in files	MSCT M365 Apps for enterprise 2312 v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
Excel 2 macrosheets and add-in files	MSCT Office 365 ProPlus 1908 v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
GEN002760-9 - The audit system must be configured to audit all administrative, privileged, and security actions - 'sched_setparam'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	CONFIGURATION MANAGEMENT
GEN002760-10 - The audit system must be configured to audit all administrative, privileged, and security actions - 'sched_setscheduler'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	CONFIGURATION MANAGEMENT
MD4X-00-005700 - MongoDB must prohibit the use of cached authenticators after an organization-defined time period.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS	Unix	IDENTIFICATION AND AUTHENTICATION
PHTN-67-000048 - The Photon operating system must initiate auditing as part of the boot process.	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	AUDIT AND ACCOUNTABILITY
Remove file extensions blocked as Level 2	Microsoft 365 Apps for Enterprise 2306 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Remove file extensions blocked as Level 2	MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Salesforce.com : Email Services - 'AttachmentOption != 2 or 3'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : Email Services - 'AuthenticationFailureAction != 2 or 3'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
SonicWALL - Flood Protection - Layer 2 - All Interfaces	TNS SonicWALL v5.9	SonicWALL	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search