Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Debian 10 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.2 Create mozilla.cfg fileCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2 Create mozilla.cfg fileCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.4.2 Ensure filesystem integrity is regularly checkedCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.8.3 Ensure last logged in user display is disabled - disable user listCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.9 Ensure GDM is removed or login is configured - disable-user-listCIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT

2.2.1.6 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 End User OwnedMDM

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL

2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.4.1.1 Ensure cron daemon is enabled and activeCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

4.2 Ensure 'Software Update' returns 'Your software is up to date.'MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1MDM

SYSTEM AND INFORMATION INTEGRITY

4.2 Ensure 'Software Update' returns 'Your software is up to date.'AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1MDM

SYSTEM AND INFORMATION INTEGRITY

5.10 (L1) Ensure DCUI has a trusted users list for lockdown modeCIS VMware ESXi 7.0 v1.5.0 L1VMware

ACCESS CONTROL

6.10.5.6 Ensure REST HTTPS Cipher List is Set to Suite B OnlyCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-ForCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY

18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

AIX7-00-003085 - The instsrv daemon must be disabled on AIX.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

Big Sur - Enforce Installation of XProtect, MRT, and Gatekeeper Updates AutomaticallyNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

SYSTEM AND INFORMATION INTEGRITY

Big Sur - Enforce Installation of XProtect, MRT, and Gatekeeper Updates AutomaticallyNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

SYSTEM AND INFORMATION INTEGRITY

CISC-RT-000010 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000010 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.DISA STIG Cisco IOS Switch RTR v3r1Cisco

ACCESS CONTROL

Configuration files should be secured against unauthorized access.TNS IBM HTTP Server Best Practice MiddlewareUnix
DTBI127 - Installation of desktop items must be disallowed (Restricted Sites zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

EDGE-00-000061 - Relaunch notification must be required.DISA STIG Edge v2r2Windows

CONFIGURATION MANAGEMENT

JUEX-RT-000040 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer.DISA Juniper EX Series Router v2r1Juniper

ACCESS CONTROL

Logs containing auditing information should be secured at the directory level.TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

NTP client configuredTNS Citrix HypervisorUnix

AUDIT AND ACCOUNTABILITY

OL6-00-000001 - The system must use a separate file system for /tmp.DISA STIG Oracle Linux 6 v2r7Unix

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = Janrain'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com