Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Ensure nodev option set on /tmp partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.10 Ensure nodev option set on /dev/shm partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.1 Ensure dm-verity is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.5.1.3 Ensure remote login warning banner is configured properlyCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6 Ensure AppArmor is installedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.7.8 Ensure GDM autorun-never is enabledCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix

MEDIA PROTECTION

2.2.1 Ensure 'AUDIT_SYS_OPERATIONS' Is Set to 'TRUE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.4 Ensure 'OS_ROLES' Is Set to 'FALSE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.5 Ensure 'REMOTE_LISTENER' Is EmptyCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.14 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.15 Ensure '_trace_files_public' Is Set to 'FALSE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT nullCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

3.1.1 Ensure packet redirect sending is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not acceptedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 Ensure iptables is installedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Ensure 'PASSWORD_REUSE_MAX' Is Greater than or Equal to '20'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

3.7 Ensure 'PASSWORD_VERIFY_FUNCTION' Is Set for All ProfilesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

4.1.1.3 Ensure logging is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure journald is configured to compress large log filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure access to /etc/security is configuredCIS IBM AIX 7 v1.1.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Java" PackagesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on SSH public host key files are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' TablesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure SSH IgnoreRhosts is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.11 Ensure SSH PermitEmptyPasswords is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.1.21 Ensure SSH MaxStartups is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.14 Ensure 'GRANT ANY OBJECT PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.2 Ensure system accounts are securedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure 'DBA' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.4 Ensure AUDIT_ADMIN' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.1 Ensure the 'USER' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.2 Ensure the 'ROLE' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.6 Ensure permissions on /etc/shadow- are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.7 Ensure the 'PUBLIC SYNONYM' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.8 Ensure the 'SYNONYM' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.11 Ensure the 'GRANT ANY OBJECT PRIVILEGE' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.16 Ensure the 'ALTER SYSTEM' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.3 Ensure the 'DROP USER' Audit Option Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.4 Ensure the 'CREATE ROLE' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.7 Ensure all users' home directories existCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

6.2.7 Ensure the 'GRANT' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.19 Ensure the 'AUDSYS.AUD$UNIFIED' Access Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.23 Ensure the 'ALTER SYSTEM' Action Audit is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.26 Ensure the 'DROP TRIGGER' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

18.6.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication', 'Require Integrity', and 'Require Privacy' set for all NETLOGON and SYSVOL shares'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

IDENTIFICATION AND AUTHENTICATION