Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.1.2 Ensure nodev option set on /tmp partitionCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.2.3.3 Ensure nosuid option set on /home partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.3 Ensure nosuid option set on /var partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.2 Ensure nodev option set on /var/log partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.2 Ensure nodev option set on /var/log/audit partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.4.3 Ensure core dump backtraces are disabledCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

1.5.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.5.1.8 Ensure SETroubleshoot is not installedCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.1.1 Ensure time synchronization is in useCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

2.2.9 Ensure network file system services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.3.3 Ensure nis client is not installedCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.8 Ensure 'credentials' are not stored in configuration filesCIS IIS 8.0 v1.5.1 Level 2Windows

IDENTIFICATION AND AUTHENTICATION

2.8 Ensure 'credentials' are not stored in configuration files - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

IDENTIFICATION AND AUTHENTICATION

3.2 Ensure 'debug' is turned offCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND INFORMATION INTEGRITY

3.3.10 Ensure tcp syn cookies is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.5.2.2 Ensure IPv6 loopback traffic is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.3 Ensure IPv6 outbound and established connections are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3 Ensure iptables is installedCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure 'httpcookie' mode is configured for session state - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Ensure 'maxAllowedContentLength' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.2.1.2 Ensure logging is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure rsyslog default file permissions configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.2.2 Ensure rsyslog is installedCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Ensure non-ASCII characters in URLs are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.9 Ensure SSH HostbasedAuthentication is disabledCIS Aliyun Linux 2 L1 v1.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.17 Ensure only strong ciphers are usedCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure password creation requirements are configured - minlenCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.1 Ensure password creation requirements are configured - ocreditCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth sufficient pam_faillock.so'CIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth sufficient pam_faillock.so'CIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.4 Ensure password hashing algorithm is SHA-512 - system-authCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.4 Ensure inactive password lock is 30 days or less - useraddCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.2 Ensure system accounts are non-loginCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.4.3 Ensure default group for the root account is GID 0CIS Aliyun Linux 2 L1 v1.0.0Unix

ACCESS CONTROL

6.1.4 Ensure permissions on /etc/group are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.8 Ensure permissions on /etc/group- are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.3 Ensure no legacy "+" entries exist in /etc/shadowCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.6 Ensure root PATH IntegrityCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.8 Ensure users' home directories permissions are 750 or more restrictiveCIS Aliyun Linux 2 L1 v1.0.0Unix

ACCESS CONTROL

6.2.10 Ensure users' dot files are not group or world writableCIS Aliyun Linux 2 L1 v1.0.0Unix

ACCESS CONTROL

6.2.11 Ensure no users have .forward filesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.16 Ensure no duplicate UIDs existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.18 Ensure no duplicate user names existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

7.1 Ensure HSTS Header is setCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.12 Ensure TLS Cipher Suite ordering is ConfiguredCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION