Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1.2 Ensure chrony is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

2.2.1 Ensure 'AUDIT_SYS_OPERATIONS' Is Set to 'TRUE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.5 Ensure 'REMOTE_LISTENER' Is EmptyCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.14 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.15 Ensure '_trace_files_public' Is Set to 'FALSE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

3.2.9 Ensure IPv6 router advertisements are not acceptedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.3 Ensure IPv6 outbound and established connections are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Ensure 'PASSWORD_REUSE_MAX' Is Greater than or Equal to '20'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

3.7 Ensure 'PASSWORD_VERIFY_FUNCTION' Is Set for All ProfilesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

4.1.1.2 Ensure Logging Service is RunningCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2 Ensure logrotate is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.4 Ensure No Users Are Assigned the 'DEFAULT' ProfileCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

5.1.1.1 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Network" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Java" PackagesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "SQL Injection Helper" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "DBMS_CREDENTIAL" PackageCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.3.1 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'AUD$'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' TablesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.17 Ensure SSH LoginGraceTime is set to one minute or lessCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

5.2.2 Ensure password reuse is limitedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.3 Ensure 'DBA' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.4 Ensure AUDIT_ADMIN' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.1 Ensure the 'USER' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.2 Configuring syslog - remote logging - auth.info in /etc/syslog.confCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1.2 Ensure the 'ROLE' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.11 Ensure the 'GRANT ANY OBJECT PRIVILEGE' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.16 Ensure the 'ALTER SYSTEM' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.4 Ensure no legacy "+" entries exist in /etc/groupCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

6.2.5 Ensure root is the only UID 0 accountCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.5 Ensure the 'ALTER ROLE' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.10 Ensure users' dot files are not group or world writableCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.11 Ensure no users have .forward filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.11 Ensure the 'DROP PROFILE' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.18 Ensure the 'SELECT ANY DICTIONARY' Privilege Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

7.2.2 Ensure syslog is configured to send logs to a remote log hostCIS IBM AIX 7 v1.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS Control 3 (3.6(b)) Deploy Automated Software Patch Management ToolsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS Control 8 (8.4) Configure Anti-Malware Scanning of Removable MediaCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS_AIX_7.1_Benchmark_v2.1.0_Level_2.audit from CIS AIX 7.1 Benchmark v2.1.0 Level 2 BenchmarkCIS IBM AIX 7.1 L2 v2.1.0Unix
CIS_Apple_macOS_11.0_Big_Sur_v4.0.0_L1.audit from CIS Apple macOS 12.0 Big Sur Benchmark v4.0.0CIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix
CIS_Red_Hat_EL8_Server_L1_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0CIS Red Hat EL8 Server L1 v3.0.0Unix