Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled' - DisabledCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled' - DisabledCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.7 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 Enable 'service password-encryption'CIS Cisco IOS XE 17.x v2.2.0 L1Cisco

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure that the --cert-file and --key-file arguments are set as appropriateCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure Binary and Relay Logs are EncryptedCIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMSMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.2 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure that the --auto-tls argument is not set to trueCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriateCIS Kubernetes v1.11.1 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'passwordFormat' is not set to clear - DefaultCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure that a unique Certificate Authority is used for etcdCIS Red Hat OpenShift Container Platform v1.7.0 L2OpenShift

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.3.3 Ensure pam_pwhistory includes use_authtokCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.4.4 Ensure pam_unix includes use_authtokCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.9 Enable data-at-rest encryption in MariaDBCIS MariaDB 10.6 on Linux L2 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Debian Linux 11 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.4 Ensure pam_unix includes use_authtokCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.4 Ensure pam_unix includes use_authtokCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.4.4 Ensure pam_unix includes use_authtokCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.4 Ensure strong password hashing algorithm is configuredCIS Debian Linux 12 v1.1.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.4 Ensure strong password hashing algorithm is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.4 Ensure strong password hashing algorithm is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.4 Ensure strong password hashing algorithm is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.12 Ensure no users have .netrc filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.14 Ensure no users have .rhosts filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure default_authentication_plugin is Set to a Secure OptionCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Passwords are Not Stored in the Global ConfigurationCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on LinuxUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Passwords are Not Stored in the Global ConfigurationCIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L1 MySQL OS LinuxUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure Databases are Encrypted with TDECIS Microsoft SQL Server 2019 v1.5.0 L2 Database EngineMS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure that swarm manager is run in auto-lock modeCIS Docker v1.7.0 L1 Docker SwarmUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 10.1 v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.6 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.1 Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.61 Ensure 'Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.61 Ensure 'Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.61 Ensure 'Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION