Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6 Ensure separate partition exists for /varCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.2.2 Ensure GPG keys are configuredCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

2.1 Create Separate Partition for /tmpCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.2.1 - Configuring SSH - installation - 'openssh.msg.en_US is installed'CIS AIX 5.3/6.1 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.2.1 - Configuring SSH - installation - 'openssl.license is installed'CIS AIX 5.3/6.1 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.3.5 Ensure LDAP client is not installedCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.022 - Disallow AutoPlay/Autorun from Autorun.infDISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

3.2.1.11 Ensure 'Allow installing configuration profiles' is set to 'Disabled'MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.027 - Printer share permissions are not configured as recommended.DISA Windows Vista STIG v6r41Windows

ACCESS CONTROL

18.5.11.1 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AADC-CL-000275 - Adobe Acrobat Pro DC Classic PDF file attachments must be blocked.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001015 - Adobe Acrobat Pro DC Classic Protected View must be enabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Huawei: Disable FTP IPV4TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Disable FTP IPV6TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Disable Telnet on IPV6TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Require service timestampTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: SSH Max Retries <= 3TNS Huawei VRP Best Practice AuditHuawei

ACCESS CONTROL

Huawei: User Interfaces are AuthenticatedTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: User Interfaces Configured Inbound SSHTNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

OL07-00-020029 - The Oracle Linux operating system must use a file integrity tool to verify correct operation of all security functions.DISA Oracle Linux 7 STIG v3r2Unix

SYSTEM AND INFORMATION INTEGRITY

OpenStack Compute - user/group ownership of config files set to root/nova - /etc/nova/api-paste.iniTNS OpenStack Nova/Compute Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Horizon - CSRF_COOKIE_SECURE parameter set to TrueTNS OpenStack Dashboard/Horizon Security GuideUnix

SYSTEM AND COMMUNICATIONS PROTECTION

OpenStack Horizon - USE_SSL parameter set to TrueTNS OpenStack Dashboard/Horizon Security GuideUnix

SYSTEM AND COMMUNICATIONS PROTECTION

OpenStack Horizon - user/group of config files set to root/horizon - /etc/openstack-dashboard/local_settings.pyTNS OpenStack Dashboard/Horizon Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Identity - Identity uses strong hashing algorithms for PKI tokensTNS OpenStack Keystone/Identity Security GuideUnix

SYSTEM AND COMMUNICATIONS PROTECTION

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/keystone-paste.iniTNS OpenStack Keystone/Identity Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/ssl/certs/ca.pemTNS OpenStack Keystone/Identity Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/keystone-paste.iniTNS OpenStack Keystone/Identity Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/policy.jsonTNS OpenStack Keystone/Identity Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/ssl/certs/signing_cert.pemTNS OpenStack Keystone/Identity Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Networking - secure protocol used for authenticationTNS OpenStack Neutron/Networking Security GuideUnix
OpenStack Networking - user/group ownership of config files set to root/neutron - /etc/neutron/policy.jsonTNS OpenStack Neutron/Networking Security GuideUnix

CONFIGURATION MANAGEMENT

OpenStack Networking - user/group ownership of config files set to root/neutron - /etc/neutron/rootwrap.confTNS OpenStack Neutron/Networking Security GuideUnix

CONFIGURATION MANAGEMENT

Salesforce.com : Administrator Access - 'No System Administrator accounts have been created since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : Administrator Access - 'No System Administrator accounts have been modified since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

Salesforce.com : AuthConfig - 'Auth Providers = Facebook Execution User ID'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Janrain'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Error URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Client Credentials in Header'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Endpoint URL'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
SalesForce.com : User Permissions - 'Review Active System Administrators'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

SQL6-D0-004200 - SQL Server must protect against a user falsely repudiating by ensuring only clearly unique Active Directory user accounts can connect to the instance.DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

WDNS-CM-000019 - Primary authoritative name servers must be configured to only receive zone transfer requests from specified secondary name servers.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

CONFIGURATION MANAGEMENT

WG204 IIS6 - A web server must not be co-hosted with other servicesDISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT