Item Search

Name	Audit Name	Plugin	Category
1.1.1.6 Ensure squashfs kernel module is not available	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
1.1.2.3.1 Ensure separate partition exists for /home	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Amazon Linux 2 v3.0.0 L2	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.15 (L2) Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API'	CIS Google Chrome Group Policy v1.0.0 L2	Windows	CONFIGURATION MANAGEMENT
2.8 Ensure 'credentials' are not stored in configuration files - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	IDENTIFICATION AND AUTHENTICATION
3.2 Ensure 'debug' is turned off	CIS IIS 8.0 v1.5.1 Level 2	Windows	SYSTEM AND INFORMATION INTEGRITY
3.2.1 Ensure dccp kernel module is not available	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
3.6 Ensure 'httpcookie' mode is configured for session state - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.1 Ensure 'maxAllowedContentLength' is configured - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
4.4 Ensure non-ASCII characters in URLs are not allowed - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
4.4.2.1.4 Ensure password failed attempts lockout includes root account	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL
4.11.23.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
5.2.1.3 Ensure audit_backlog_limit is sufficient	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.2.2 Ensure audit logs are not automatically deleted	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.1 Ensure changes to system administration scope (sudoers) is collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.4.1 Ensure the audit log directory is 0750 or more restrictive	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.8 Ensure audit tools are 755 or more restrictive	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.1 Ensure HSTS Header is set	CIS IIS 8.0 v1.5.1 Level 2	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.12 Ensure TLS Cipher Suite ordering is Configured	CIS IIS 10 v1.2.1 Level 2	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.4.4 (L2) Ensure Guest Host Interaction Protocol Handler is set to disabled	CIS VMware ESXi 7.0 v1.5.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.4 Ensure Guest Host Interaction Protocol Handler is set to disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.5 Ensure Unity Taskbar is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.6 Ensure Unity Active is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.7 Ensure Unity Window Contents is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.8 Ensure Unity Push Update is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.10 Ensure Drag and Drop Version Set is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.13 (L2) Ensure Trash Folder State is disabled	CIS VMware ESXi 7.0 v1.5.0 L2	VMware	CONFIGURATION MANAGEMENT
8.4.13 Ensure Trash Folder State is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.14 Ensure Guest Host Interaction Tray Icon is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.16 Ensure Unity Interlock is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.17 Ensure GetCreds is disabled	CIS VMware ESXi 6.7 v1.3.0 Level 2	VMware	CONFIGURATION MANAGEMENT
8.4.21 Disable Host Guest File System Server	CIS VMware ESXi 5.5 v1.2.0 Level 2	VMware	CONFIGURATION MANAGEMENT
18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.10.34.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
89.26 (L1) Ensure 'Manage Volume' is set to 'Administrators'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
ESXI-65-000011 - The ESXi host SSH daemon must be configured to use only the SSHv2 protocol.	DISA STIG VMware vSphere ESXi OS 6.5 v2r4	Unix	ACCESS CONTROL
ESXi: esxi-8.ssh-fips-ciphers	VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode.	AirWatch - DISA Honeywell Android 9.x COBO v1r2	MDM	CONFIGURATION MANAGEMENT
HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode.	MobileIron - DISA Honeywell Android 9.x COBO v1r2	MDM	CONFIGURATION MANAGEMENT
SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).	DISA SUSE Linux Enterprise Server 15 STIG v2r4	Unix	IDENTIFICATION AND AUTHENTICATION
WN10-UR-000090 - The Deny log on through Remote Desktop Services user right on Windows 10 workstations must at a minimum be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems.	DISA Microsoft Windows 10 STIG v3r4	Windows	ACCESS CONTROL

Detections

Analytics

Item Search