Item Search

NameAudit NamePluginCategory
1.1.8 Ensure nodev option set on /var partitionCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.4.1 Ensure core dumps are restrictedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.4 Ensure permissions on /etc/motd are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.4 Ensure suspicious packets are loggedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.2.3 Ensure outbound and established connections are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1.1 Ensure correct container image is set for stackdriver logging agentCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.14 Ensure only strong MAC algorithms are usedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1.4 Ensure inactive password lock is 30 days or lessCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.12 Ensure no users have .netrc filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.13 Ensure the 'ALTER DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.14 Ensure no users have .rhosts filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

IDENTIFICATION AND AUTHENTICATION

CIS Control 3 (3.6(a)) Deploy Automated Software Patch Management ToolsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS Control 4 (4.3) Ensure the Use of Dedicated Administrative AccountsCAS Implementation Group 1 Audit FileUnix

ACCESS CONTROL

CIS_Red_Hat_EL8_Workstation_L2_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0CIS Red Hat EL8 Workstation L2 v3.0.0Unix
Salesforce.com : Administrator Access - 'No System Administrator accounts have been created since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Administrator Access - 'No System Administrator accounts have been modified since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : AuthConfig - 'Auth Providers = Facebook Execution User ID'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Janrain'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Email Services - 'AttachmentOption != 2 or 3'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'AuthenticationFailureAction != 2 or 3'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'IsTextAttachmentsAsBinary = False'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'OverLimitAction != 2'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

CONFIGURATION MANAGEMENT

Salesforce.com : Monitoring Login History - 'Users that have not logged in'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Network-Based Security - 'Login IP Addresses'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

AUDIT AND ACCOUNTABILITY

Salesforce.com : Object Permissions - 'DefaultAccountAccess should not be Public Read/Write or Public Read/Write/Transfer'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Securing Data Access - 'DashboardMobile iPad access'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'minimum password length >= 8'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Password Policies - 'Must mix numbers, uppercase and lowercase letters, and special characters'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : Setting Session Security - 'Review Site.com Contributor User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Site.com Publisher User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : Setting Session Security - 'Review Wireless User'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
SalesForce.com : User Permissions - 'Review Active System Administrators'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL