Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3.1.8 Set 'Turn off Internet download for Web publishing and online ordering wizards' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

2.2 Ensure the ESXi host firewall is configured to restrict access to services running on the hostCIS VMware ESXi 6.7 v1.3.0 Level 1 Bare MetalUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only)CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only)CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.7 Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3 Disable Managed Object Browser (MOB)CIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.9 Ensure the Basic and Digest Authentication Modules are DisabledCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure the Basic and Digest Authentication Modules are DisabledCIS Apache HTTP Server 2.4 v2.2.0 L1Unix

CONFIGURATION MANAGEMENT

2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_basic_moduleCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_basic_moduleCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_digest_moduleCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_digest_moduleCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

SYSTEM AND INFORMATION INTEGRITY

10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xmlCIS Apache Tomcat 7 L1 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

AIOS-12-010600 - Apple iOS must implement the management setting: limit Ad Tracking.MobileIron - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-15-010500 - Apple iOS/iPadOS 15 must implement the management setting: limit Ad Tracking.AirWatch - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-16-010500 - Apple iOS/iPadOS 16 must implement the management setting: limit Ad Tracking.MobileIron - DISA Apple iOS/iPadOS 16 v2r1MDM

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Allow META REFRESHMSCT Windows Server v20H2 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows 11 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server v1909 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server v2004 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server 2019 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows 10 1809 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows Server 2025 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows 11 v24H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow META REFRESHMSCT Windows 11 v23H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

DISA_Oracle_11g_Instance_v9r1_OS_Windows.audit from DISA Oracle Database 11g Instance STIG v9r1 STIGDISA STIG Oracle 11 Instance v9r1 OS WindowsWindows
DISA_STIG_Apache_Site-2.2_Unix_v1r11.audit from DISA Apache 2.2 Unix STIG v1r11DISA STIG Apache Site 2.2 Unix v1r11Unix
DISA_STIG_Apple_OS_X_10.13_v2r5.audit from DISA Apple OS X 10.13 v2r5 STIGDISA STIG Apple Mac OSX 10.13 v2r5Unix
DISA_STIG_Microsoft_Sharepoint_Designer_2013_v1r3.audit from DISA STIG Microsoft Sharepoint Designer 2013 v1r3DISA STIG Microsoft Sharepoint Designer 2013 v1r3Windows
DISA_STIG_VMware_vSphere_6.7_ESXi_Bare_Metal_Host_v1r3.audit from DISA VMware vSphere 6.7 ESXi v1r3 STIGDISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix
DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-019 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTBC-0073 - Web Bluetooth API must be disabled.DISA STIG Google Chrome v2r9Windows

CONFIGURATION MANAGEMENT

FFOX-00-000015 - Firefox development tools must be disabled.DISA STIG Mozilla Firefox Linux v6r6Unix

SYSTEM AND INFORMATION INTEGRITY

FFOX-00-000015 - Firefox development tools must be disabled.DISA STIG Mozilla Firefox MacOS v6r6Unix

SYSTEM AND INFORMATION INTEGRITY

PANW-NM-000024 - The Palo Alto Networks security platform must generate audit records when successful/unsuccessful attempts to access privileges occur.DISA STIG Palo Alto NDM v3r3Palo_Alto

AUDIT AND ACCOUNTABILITY

SP13-00-000150 - The SharePoint Central Administration site must not be accessible from Extranet or Internet connections.DISA STIG SharePoint 2013 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SPLK-CL-000045 - Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

IDENTIFICATION AND AUTHENTICATION

SYMP-AG-000020 - Symantec ProxySG providing intermediary services for remote access communications traffic must ensure outbound traffic is monitored for compliance with remote access security policies.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

VCLD-80-000097 The vCenter VAMI service must disable client initiated TLS renegotiation.DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1Unix

CONFIGURATION MANAGEMENT

WA000-WWA026 A22 - The httpd.conf StartServers directive must be set properly.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA000-WWA064 A22 - The HTTP request header field size must be limited.DISA STIG Apache Server 2.2 Unix v1r11Unix

CONFIGURATION MANAGEMENT

WA000-WWA064 A22 - The HTTP request header field size must be limited.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA000-WWA064 W22 - The HTTP request header field size must be limited.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WBLC-03-000128 - Oracle WebLogic must prohibit or restrict the use of unauthorized functions, ports, protocols, and/or services.Oracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

WG140 A22 - Private web servers must require certificates issued from a DoD-authorized Certificate Authority.DISA STIG Apache Site 2.2 Unix v1r11 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WG140 A22 - Private web servers must require certificates issued from a DoD-authorized Certificate Authority.DISA STIG Apache Site 2.2 Unix v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION