Item Search

Name	Audit Name	Plugin	Category
1.4.1 Ensure 'Idle timeout' is less than or equal to 10 minutes for device management	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL
2.1.1 Disable Bluetooth, if no paired devices exist	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix
2.2.3 Restrict NTP server to loopback interface	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.3.4 Set a screen corner to Start Screen Saver	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.4.2 Disable Internet Sharing	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.4.8 Disable File Sharing - AppleFileServer	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.6 Ensure that the User-ID service account does not have interactive logon rights	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL
2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
2.10 Enable Secure Keyboard Entry in terminal.app	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
3.5 Retain install.log for 365 or more days	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
4.2 Enable 'Show Wi-Fi status in menu bar'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
4.5 Ensure ftp server is not running	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
4.7 Restrict access to Tomcat web application directory	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.1 Configure account lockout threshold	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
5.2.5 Complex passwords must contain a Special Character	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.6 Complex passwords must contain uppercase and lowercase letters	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix
5.2.8 Password History	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.7 Do not enable the 'root' account	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
6.1.2 Disable 'Show password hints'	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing	CIS Apple OSX 10.10 Yosemite L1 v1.2.0	Unix	ACCESS CONTROL
7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL, MEDIA PROTECTION
7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources Exists	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL, MEDIA PROTECTION
7.4 Ensure that logging is enabled on built-in default security policies	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	SYSTEM AND INFORMATION INTEGRITY
8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.01 Enterprise Management studio mode - 'Access to the enterprise management in studio must be limited'	CIS v1.1.0 Oracle 11g OS L1	Unix
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml	CIS Apache Tomcat 9 L1 v1.2.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
18.9.31.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.31.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.9.2.13 (L1) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.9.2.14 (L1) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.10.2.10 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.10.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	ACCESS CONTROL
18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
18.10.36.1 (L1) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
Configure Microsoft Defender SmartScreen to block potentially unwanted apps	MSCT Microsoft Edge Version 81 v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
O121-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lowercase characters used.	DISA STIG Oracle 12c v3r2 Database	OracleDB	IDENTIFICATION AND AUTHENTICATION
SPLK-CL-000100 - Splunk Enterprise installation directories must be secured.	DISA STIG Splunk Enterprise 7.x for Windows v3r1 OS	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search