Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

2.4 Configure TCP Wrappers - Allow localhost.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Deny access to this server from all networksCIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - enable tcp_wrappers for inetdCIS Solaris 10 L1 v5.2Unix
2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

2.11.8.7.2.1.6 (L1) Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Intune for Office v1.1.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND INFORMATION INTEGRITY

3.11 Ensure 'encryption providers' are locked downCIS IIS 8.0 v1.5.1 Level 2Windows

ACCESS CONTROL

4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlogCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Debug Level Daemon Logging - Check if permissions for /var/log/connlog are OK.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable Debug Level Daemon Logging/4.4 Capture syslog AUTH Messages - Check if svc:/system/system-log is onlineCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlogCIS Solaris 10 L1 v5.2Unix
4.9 Enable Kernel Level Auditing - Check audit condition is set to auditingCIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

6.9 Harden host operating systemCIS Sybase 15.0 L1 DB v1.1.0SybaseDB
6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.2 Set Password Expiration Parameters on Active Accounts - Check MAXWEEKS is set to 13CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Password Expiration Parameters on Active Accounts - Check MINWEEKS is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Password Expiration Parameters on Active Accounts - Check WARNWEEKS is set to 4CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check DICTIONDBDIR is set to /var/passwdCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/wordsCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check HISTORY is set to 10CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINLOWER is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check MINUPPER is set to 1CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check NAMECHECK is set to YESCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - Check PASSLENGTH is set to 8CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.3 Set Strong Password Creation Policies - WHITESPACE is set to YESCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.8 Set 'mesg n' as Default for All Users in /etc/.loginCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

7.8 Set 'mesg n' as Default for All Users in /etc/profileCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

8.2 Create Warning Banner for CDE Users - CDE package was not foundCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is not set to default string.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.2 Create Warning Banner for CDE Users - Check if file permissions for files under /etc/dt/config/*/Xresources are OK.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

89.14 (L1) Ensure 'Deny Local Log On' to include 'Guests'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

DKER-EE-001810 - On Linux, a non-AUFS storage driver in the Docker Engine - Enterprise component of Docker Enterprise must be used.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-001830 - The userland proxy capability in the Docker Engine - Enterprise component of Docker Enterprise must be disabled.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-001900 - The Create repository on push option in Docker Trusted Registry (DTR) must be disabled in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-001910 - Periodic data usage and analytics reporting in Universal Control Plane (UCP) must be disabled in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

CONFIGURATION MANAGEMENT

DTOO336 - Word 6.0 binary documents and templates must be configured for block open/save actions.DISA STIG Microsoft Word 2013 v1r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : disable-mobVMWare vSphere 6.5 Hardening GuideVMware

CONFIGURATION MANAGEMENT

PPS9-00-007700 - The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

AUDIT AND ACCOUNTABILITY

PPS9-00-007800 - The EDB Postgres Advanced Server must provide centralized configuration of the content to be captured in audit records generated by all components of the EDB Postgres Advanced Server.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

AUDIT AND ACCOUNTABILITY