Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.6 Ensure squashfs kernel module is not availableCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

1.1.2.1.2 Ensure nodev option set on /tmp partitionCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.2.3.1 Ensure separate partition exists for /homeCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3.3 Ensure nosuid option set on /home partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.3 Ensure nosuid option set on /var partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.2 Ensure nodev option set on /var/log partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.2 Ensure nodev option set on /var/log/audit partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7 Ensure noexec option set on /dev/shm partition - mountCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.1.8 Ensure nodev option set on /dev/shm partition - fstabCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.1.9 Ensure nosuid option set on /dev/shm partition - fstabCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.1.27 Disable AutomountingCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.1.28 Disable USB Storage - blacklistCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.2.3 Ensure repo_gpgcheck is globally activatedCIS Amazon Linux 2 v3.0.0 L2Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4.3 Ensure core dump backtraces are disabledCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

1.5.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.5.1.8 Ensure SETroubleshoot is not installedCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.11 Ensure anti-virus is installed and runningCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure time synchronization is in useCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.9 Ensure network file system services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.3.3 Ensure nis client is not installedCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure dccp kernel module is not availableCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

4.1.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.1.8 Ensure crontab is restricted to authorized usersCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.3 Ensure permissions on SSH public host key files are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.4 Ensure sshd access is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.16 Ensure sshd MaxAuthTries is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.21 Ensure sshd PermitUserEnvironment is disabledCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

4.3.1 Ensure sudo is installedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

4.3.7 Ensure access to the su command is restrictedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.4.2.1.3 Ensure password unlock time is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

4.4.2.1.4 Ensure password failed attempts lockout includes root accountCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL

4.4.2.2.4 Ensure password complexity is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.3.1 Ensure pam_pwhistory module is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.5 Ensure all users last password change date is in the pastCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.5.2.2 Ensure root user umask is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.5.3.3 Ensure default user umask is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.2 Ensure rsyslog service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.2.2 Ensure audit logs are not automatically deletedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.1 Ensure changes to system administration scope (sudoers) is collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.8 Ensure audit tools are 755 or more restrictiveCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.4 Ensure permissions on /etc/group- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.10 Ensure permissions on /etc/security/opasswd are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.5 Ensure no duplicate GIDs existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.7 Ensure no duplicate group names existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.10 Ensure local interactive user home directories are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION