Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure mounting of udf filesystems is disabled - lsmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.4 Ensure nodev option set on /tmp partitionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.10 Ensure separate partition exists for /varCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.2 Ensure permissions on bootloader config are configured - grub.cfgCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.3 Ensure authentication required for single user modeCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.1 Ensure core dumps are restricted - systemd-coredump ProcessSizeMaxCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7 Ensure the System is Managed by a Mobile Device Management (MDM) SoftwareCIS Apple macOS 15.0 Sequoia v1.1.0 L1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.4 Ensure remote login warning banner is configured properlyCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure last logged in user display is disabled - disable user listCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure last logged in user display is disabled - file-dbCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.2 Audit App Store Password SettingsCIS Apple macOS 15.0 Sequoia v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.5.5 (L1) Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.5.5 Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.6.1.1 Ensure Location Services Is EnabledCIS Apple macOS 15.0 Sequoia v1.1.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.8.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10 (L1) Host must restrict inter-VM transparent page sharingCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure IP forwarding is disabledCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.13 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iOS 18 v1.0.0 L2 Institution OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1.15 Ensure 'Allow installing configuration profiles' is set to 'Disabled'MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure packet redirect sending is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.1 Ensure source routed packets are not acceptedCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.4 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.8 Ensure Reverse Path Filtering is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.9 Ensure TCP SYN Cookies is enabled - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.10 Ensure IPv6 router advertisements are not accepted - files 'net.ipv6.conf.all.accept_ra = 0'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.10 Ensure IPv6 router advertisements are not accepted - files 'net.ipv6.conf.default.accept_ra = 0'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.17 Ensure sshd MaxStartups is configuredCIS Oracle Linux 8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS Red Hat EL8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.10.26.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.23 Ensure SSH MaxSessions is limited - sshdCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.24 Ensure SSH MaxStartups is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.24 Ensure SSH MaxStartups is configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.25 Ensure SSH MaxSessions is limitedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.14 Audit SGID executablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.4 Ensure shadow group is empty - /etc/groupCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.4 Ensure shadow group is empty - /etc/passwdCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.10 Ensure root PATH IntegrityCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.11 Ensure all users' home directories existCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.15 Ensure no users have .forward filesCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.18 Ensure shadow group is emptyCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.7 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION