Item Search

Name	Audit Name	Plugin	Category
1.6.1.1 Ensure AppArmor is installed	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure AppArmor is enabled in the bootloader configuration - apparmor	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure AppArmor is enabled in the bootloader configuration - apparmor	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure AppArmor is enabled in the bootloader configuration - security	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - sestatus	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL
1.6.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - unconfined	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
1.6.1.7 Ensure SETroubleshoot is not installed	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - profiles loaded	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL
1.6.3 Ensure SELinux or AppArmor are installed	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL
1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - 0 processes are unconfined	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured - sestatus	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - getenforce	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	ACCESS CONTROL
1.8.1.6 Ensure permissions on /etc/issue.net are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
2.2 Give the BIND User Account an Invalid Shell	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	ACCESS CONTROL
2.3.10.11 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL
2.3.10.12 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL
4.4 Ensure logrotate assigns appropriate permissions	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL
4.4 Ensure logrotate assigns appropriate permissions	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
5.1 Set daemon umask - Check if CMASK is set to 022 in /etc/default/init.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
5.1 Use secure Realms	CIS Apache Tomcat 8 L2 v1.1.0 Middleware	Unix	ACCESS CONTROL
5.1.6 Ensure permissions on /etc/cron.monthly are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
5.1.8 Ensure cron is restricted to authorized users - '/etc/cron.allow'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
5.1.8 Ensure cron is restricted to authorized users - '/etc/cron.deny'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.1.9 Ensure at is restricted to authorized users - '/etc/at.deny'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
5.2.2 Ensure permissions on SSH private host key files are configured	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL
5.2.2 Ensure permissions on SSH private host key files are configured	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	ACCESS CONTROL
5.3.3 Ensure permissions on SSH public host key files are configured	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/pam.d/common-session	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.5.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
5.5.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.d	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
6.1.7 Ensure permissions on /etc/shadow- are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
6.2.6 Ensure users' home directories permissions are 750 or more restrictive	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	ACCESS CONTROL
6.2.7 Ensure users own their home directories	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
6.2.7 Ensure users' dot files are not group or world writable	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	ACCESS CONTROL
6.2.13 Ensure users' .netrc Files are not group or world accessible	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.13 Ensure users' .netrc Files are not group or world accessible	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL
6.2.13 Ensure users' .netrc Files are not group or world accessible	CIS Debian 9 Workstation L1 v1.0.1	Unix	ACCESS CONTROL
6.2.20 Ensure shadow group is empty - /etc/group	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.2.20 Ensure shadow group is empty - /etc/passwd	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
7.4 Ensure directory in context.xml is a secure location - configuration	CIS Apache Tomcat 8 L1 v1.1.0 Middleware	Unix	ACCESS CONTROL
7.6 Ensure directory in logging.properties is a secure location - check log directory location	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL
7.6 Ensure directory in logging.properties is a secure location - check log directory location	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	ACCESS CONTROL
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.	CIS Solaris 10 L1 v5.2	Unix	ACCESS CONTROL
8.1 Restrict runtime access to sensitive packages	CIS Apache Tomcat 8 L1 v1.1.0	Unix	ACCESS CONTROL
8.1 Restrict runtime access to sensitive packages	CIS Apache Tomcat 8 L1 v1.1.0 Middleware	Unix	ACCESS CONTROL
10.19 Setting Security Lifecycle Listener (check for umask uncommented in startup)	CIS Apache Tomcat 7 L1 v1.1.0	Unix	ACCESS CONTROL
18.10.3.1 (L2) Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'	CIS Microsoft Windows Server 2019 v3.0.1 L2 MS	Windows	ACCESS CONTROL
18.10.4.1 (L2) Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2	Windows	ACCESS CONTROL
18.10.4.1 (L2) Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker	Windows	ACCESS CONTROL

Detections

Analytics

Item Search