Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.8 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4 Verify That the MYSQL_PWD Environment Variable is Not in UseCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4 Verify That the MYSQL_PWD Environment Variable is Not in UseCIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Verify That 'MYSQL_PWD' is Not Set in Users' ProfilesCIS MySQL 8.0 Community Linux OS L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure Binary and Relay Logs are EncryptedCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure that encryption-at-rest is enabled for RDS instancesCIS Amazon Web Services Foundations v5.0.0 L1amazon_aws

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 (L2) Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authentication - DefaultCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'passwordFormat' is not set to clear - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure rotation for customer-created symmetric CMKs is enabledCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.5 Ensure all current passwords uses the configured hashing algorithmCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5 Ensure Encryption of Data at RestCIS MongoDB 7 v1.1.0 L2 MongoDBWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.8 Ensure That Database Link Passwords Are Using The Latest EncryptionCIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure Kubernetes Secrets are encrypted using keys managed in Cloud KMSCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Debian Linux 12 v1.1.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.4 Ensure pam_unix includes use_authtokCIS Debian Linux 11 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.3 Ensure password hashing algorithm is SHA-512CIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.9.1 Enable Customer-Managed Encryption Keys (CMEK) for GKE Persistent Disks (PD)CIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensured 'HashPassword' is set in UsernameToken WS-Security policyCIS IBM WebSphere Liberty v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Amazon Linux 2023 Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Ensure CallbackHandler is used to access private keys in keystore filesCIS IBM WebSphere Liberty v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.5 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.5 Ensure 'WDigest Authentication' is set to 'Disabled' - DisabledCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.3.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.8 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION