Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.15 sqlnet.ora - 'log_directory_client parameter settings'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.20 sqlnet.ora - 'tcp.validnode_checking = YES'CIS v1.1.0 Oracle 11g OS L2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.02 OAS - 'Encryption Type - sqlnet.encryption_server = REQUIRED'CIS v1.1.0 Oracle 11g OS L2Unix

ACCESS CONTROL

5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_client = REQUIRED'CIS v1.1.0 Oracle 11g OS L2Unix

ACCESS CONTROL

6.1.6 Ensure 'TEXT DATASTORE ACCESS' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

18.9.77.10.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.1 (L1) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.44.1 (L1) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

ALMA-09-008160 - AlmaLinux OS 9 must maintain an account lock until the locked account is manually released by an administrator; and not automatically after a set time.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

ACCESS CONTROL

ALMA-09-023010 - AlmaLinux OS 9 must disable the use of user namespaces.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-035660 - AlmaLinux OS 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

IDENTIFICATION AND AUTHENTICATION

ALMA-09-036760 - AlmaLinux OS 9 must require the change of at least four character classes when passwords are changed.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001402 - On a BIND 9.x server in a split DNS configuration, where separate name servers are used between the external and internal networks, the internal name server must be configured to not be reachable from outside resolvers.DISA BIND 9.x STIG v2r3Unix

CONFIGURATION MANAGEMENT

Disabling the admin accountTenable F5 BIG-IP Best Practice AuditF5

ACCESS CONTROL

Java permissions - Intranet ZoneMSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Lock pages in memoryMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Logon options - Restricted Sites ZoneMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Navigate windows and frames across different domains - Internet ZoneMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Navigate windows and frames across different domains - Restricted Sites ZoneMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accounts and sharesMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Network security: Allow LocalSystem NULL session fallbackMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

O121-C2-014600 - The DBMS must support organizational requirements to enforce password encryption for storage.DISA STIG Oracle 12c v3r2 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

Prevent bypassing SmartScreen Filter warningsMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

RHEL-09-213010 - RHEL 9 must restrict access to the kernel message buffer.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

ACCESS CONTROL

RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

ACCESS CONTROL

RHEL-09-253060 - RHEL 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

CONFIGURATION MANAGEMENT

Run .NET Framework-reliant components signed with Authenticode - Internet ZoneMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Run .NET Framework-reliant components signed with Authenticode - Restricted Sites ZoneMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Set the default behavior for AutoRunMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Specify the maximum log file size (KB) - SystemMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider. - attribute keyringDISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

System objects: Require case insensitivity for non-Windows subsystemsMSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn off Crash DetectionMSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Turn on behavior monitoringMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Turn on SmartScreen Filter scan - Locked-Down Restricted Sites ZoneMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Turn On Virtualization Based Security - LsaCfgFlagsMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Use Pop-up Blocker - Internet ZoneMSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Use Pop-up Blocker - Restricted Sites ZoneMSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop.MSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Detect application installations and prompt for elevationMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

User Account Control: Virtualize file and registry write failures to per-user locationsMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-01-000014 - Oracle WebLogic must support the capability to disable network protocols deemed by the organization to be non-secure except for explicitly identified components in support of specific operational requirements.Oracle WebLogic Server 12c Linux v2r2Unix

CONFIGURATION MANAGEMENT

WBLC-01-000014 - Oracle WebLogic must support the capability to disable network protocols deemed by the organization to be non-secure except for explicitly identified components in support of specific operational requirements.Oracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

WBLC-01-000014 - Oracle WebLogic must support the capability to disable network protocols deemed by the organization to be non-secure except for explicitly identified components in support of specific operational requirements.Oracle WebLogic Server 12c Windows v2r2Windows

CONFIGURATION MANAGEMENT

WBLC-03-000128 - Oracle WebLogic must prohibit or restrict the use of unauthorized functions, ports, protocols, and/or services.Oracle WebLogic Server 12c Windows v2r2Windows

CONFIGURATION MANAGEMENT

WBLC-03-000128 - Oracle WebLogic must prohibit or restrict the use of unauthorized functions, ports, protocols, and/or services.Oracle WebLogic Server 12c Linux v2r2Unix

CONFIGURATION MANAGEMENT

Web sites in less privileged Web content zones can navigate into this zone - Restricted Sites ZoneMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

ZEBR-10-009400 - The Zebra Android 10 Work Profile must be configured to enforce the system application disable list.AirWatch - DISA Zebra Android 10 COPE v1r2MDM

CONFIGURATION MANAGEMENT