Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2 Ensure Installation of Binary PackagesCIS PostgreSQL 10 OS v1.0.0Unix

CONFIGURATION MANAGEMENT

1.4 Ensure systemd Service Files Are EnabledCIS PostgreSQL 10 OS v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

1.5 Ensure Data Cluster Initialized SuccessfullyCIS PostgreSQL 10 OS v1.0.0Unix

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwdCIS PostgreSQL 11 OS v1.0.0Unix

ACCESS CONTROL

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.3 Ensure the logging collector is enabledCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.7 Ensure 'log_truncate_on_rotation' is enabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.8 Ensure the maximum log file lifetime is set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.9 Ensure the maximum log file size is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.11 Ensure syslog messages are not suppressedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.12 Ensure syslog messages are not lost due to sizeCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.13 Ensure the correct SQL statements generating errors are recordedCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.14 Ensure 'debug_print_parse' is disabledCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.19 Ensure 'debug_pretty_print' is enabled - debug_pretty_print is enabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.19 Ensure 'log_disconnections' is enabledCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.25 Ensure 'log_statement' is set correctly - log_statement is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabledCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 10 OS v1.0.0Unix

ACCESS CONTROL

4.5 Use pg_permission extension to audit object permissionsCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

4.6 Ensure excessive DML privileges are revokedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1 Do Not Specify Passwords in the Command LineCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctlyCIS PostgreSQL 12 OS v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1 Ensure 'Attack Vectors' Runtime Parameters are ConfiguredCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT

6.7 Blocking Authentication Using Empty/Null Passwords for SSH - PermitEmptyPasswords = noCIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 10 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 11 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure base backups are configured and functionalCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

CONTINGENCY PLANNING

7.2 Set Strong Password Creation Policies - DICTIONDBDIR = /var/passwdCIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Ensure base backups are configured and functionalCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONTINGENCY PLANNING

7.4 Ensure WAL archiving is configured and functional - archive_commandCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure streaming replication parameters are configured correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Create Warnings for Standard Login Services - etc/motd contentsCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

8.4 Enable a Warning Banner for the FTP service - DisplayConnect /etc/issueCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

8.4 Ensure miscellaneous configuration settings are correctCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

9.1 Check for Remote ConsolesCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

9.7 Check Permissions on User Home DirectoriesCIS Solaris 11 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.10 Check for Presence of User .rhosts FilesCIS Solaris 11 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.15 Check for Duplicate UIDsCIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

9.16 Check for Duplicate GIDsCIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

9.21 Check for Presence of User .forward FilesCIS Solaris 11 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.2 SN.2 Remove Support for Internet Services (inetd)CIS Solaris 11 L2 v1.1.0Unix