Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.29 Ensure that the --encryption-provider-config argument is set as appropriateCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.30 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.31 Ensure that the --etcd-cafile argument is set as appropriateCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 Enable 'service password-encryption'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure that the --cert-file and --key-file arguments are set as appropriate - certCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure that the --cert-file and --key-file arguments are set as appropriate - keyCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.1.1.1 Ensure Critical Data is Encrypted with Microsoft Managed Keys (MMK)CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.4 (L1) Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 (L2) Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 (L2) Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 (L2) Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 (L2) Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate - keyCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.3.3 Ensure pam_pwhistory includes use_authtokCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Red Hat EL8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Red Hat EL8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Rocky Linux 8 Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.4 Ensure pam_unix includes use_authtokCIS Red Hat EL8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.4 Ensure pam_unix includes use_authtokCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Oracle Linux 8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2.3.3 Ensure pam_pwhistory includes use_authtokCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2.4.4 Ensure pam_unix includes use_authtokCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Debian Linux 12 v1.1.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.3.3 Ensure pam_pwhistory includes use_authtokCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.3.3 Ensure pam_pwhistory includes use_authtokCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.4 Ensure strong password hashing algorithm is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.4 Ensure strong password hashing algorithm is configuredCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.3 Ensure password hashing algorithm is SHA-512CIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.8 Ensure that a 'Custom banned password list' is set to 'Enforce'CIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

7.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.59.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION