Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.18 - MobileIron - Limit the 'number of messages' for 'Text message limit'MobileIron - CIS Google Android 4 v1.0.0 L2MDM

ACCESS CONTROL

1.2 Use the updated Linux KernelCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.2.21 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriateCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

AUDIT AND ACCOUNTABILITY

1.41 RHEL-09-213110CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IIUnix

SYSTEM AND INFORMATION INTEGRITY

2.5 Do not use the aufs storage driverCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.1 Authentication and Verification of OSPF Routing Protocols - authentication message-digestTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

3.1 Authentication and Verification of OSPF Routing Protocols - message-digest-keyTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

4.6 Review audit queue sizeCIS Sybase 15.0 L1 DB v1.1.0SybaseDB
4.8 Remove setuid and setgid permissions in the imagesCIS Docker 1.12.0 v1.0.0 L2 DockerUnix
5.3.3.6.1 Ensure the operating system uses multifactor authentication for local access to accountsCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - lcreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - lcreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - lcreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - minlenCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - password-auth try_first_passCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - system-auth try_first_passCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ucreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ucreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.3.12 Ensure the operating system's shell initialization file is configured to start each shell with the tmux terminal multiplexerCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.4.3.13 Ensure the operating system enables the user to initiate a session lockCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

CISC-RT-000680 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN.DISA Cisco NX OS Switch RTR STIG v3r3Cisco

CONTINGENCY PLANNING

JBOS-AS-000135 - JBoss ROOT logger must be configured to utilize the appropriate logging level.DISA JBoss Enterprise Application Platform 6.3 STIG v2r6Unix

AUDIT AND ACCOUNTABILITY

OS10-RTR-000800 - The Dell OS10 multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join only multicast groups that have been approved by the organization.DISA Dell OS10 Switch Router STIG v1r1Dell_OS10

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-07-010110 - The Red Hat Enterprise Linux operating system must initiate a session lock for graphical user interfaces when the screensaver is activated.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-010280 - The Red Hat Enterprise Linux operating system must be configured so that passwords are a minimum of 15 characters in length.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010310 - The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010340 - The Red Hat Enterprise Linux operating system must be configured so that users must provide a password for privilege escalation.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010342 - The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using 'sudo' - sudo.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-010470 - The Red Hat Enterprise Linux operating system must not allow a non-certificate trusted host SSH logon to the system.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-020320 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid owner.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-020330 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid group owner.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-020730 - The Red Hat Enterprise Linux operating system must be configured so that local initialization files do not execute world-writable programs.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030510 - The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030910 - The Red Hat Enterprise Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-040110 - The Red Hat Enterprise Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

RHEL-07-040190 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040200 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040370 - The Red Hat Enterprise Linux operating system must not permit direct logons to the root account using remote access via SSH.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040530 - The Red Hat Enterprise Linux operating system must display the date and time of the last successful account logon upon logon.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040612 - The Red Hat Enterprise Linux operating system must use a reverse-path filter for IPv4 network traffic when possible by default.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040620 - The Red Hat Enterprise Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040641 - The Red Hat Enterprise Linux operating system must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040660 - The Red Hat Enterprise Linux operating system must not send Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040690 - The Red Hat Enterprise Linux operating system must not have a File Transfer Protocol (FTP) server package installed unless needed.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040712 - The Red Hat Enterprise Linux operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-041002 - The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000290 - Splunk Enterprise must be configured to send an immediate alert to the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated log record storage volume reaches 75 percent of the repository maximum log record storage capacity.DISA STIG Splunk Enterprise 7.x for Windows v3r2 REST APISplunk

AUDIT AND ACCOUNTABILITY