Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure /tmp is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.13 Ensure /var/tmp partition includes the nodev optionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.1.21 Ensure nodev option set on removable media partitionsCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.2.3 Ensure gpgcheck is globally activatedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.3.2 Ensure filesystem integrity is regularly checkedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.4.2 Ensure permissions on bootloader config are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.3 Ensure CUPS is not installedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.4.7.2.2.4 (L1) Ensure 'Excel 2 worksheets' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Intune for Office v1.1.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.5 Ensure DHCP Server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.7 Ensure DNS Server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.9 Ensure HTTP server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.13 Ensure net-snmp is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.3.1 Ensure NIS Client is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.5.1.1 Ensure firewalld is installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure nftables is installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.3 Ensure iptables-services not installed with nftablesCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.11 Ensure nftables rules are permanentCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.2 Ensure iptables outbound and established connections are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.3 Ensure iptables rules exist for all open portsCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.5.3.3.1 Ensure ip6tables loopback traffic is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.4 Ensure ip6tables default deny firewall policyCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1.3 Ensure rsyslog default file permissions configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.1.5 Ensure rsyslog is configured to send logs to a remote log hostCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

5.3.7 Ensure SSH LogLevel is appropriateCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.3.20 Ensure SSH LoginGraceTime is set to one minute or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.22 Ensure SSH PAM is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.2 Ensure system accounts are securedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.5.3 Ensure default group for the root account is GID 0CIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.4 Ensure default user shell timeout is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.7 Ensure access to the su command is restrictedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

CONFIGURATION MANAGEMENT

5.12 Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.14 (L1) Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.14 (L1) Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

6.1.12 Ensure no ungrouped files or directories existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

6.2.4 Ensure shadow group is emptyCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.7 Ensure no duplicate UIDs existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.11 Ensure all users' home directories existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

6.5.1 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated ciphersCIS VMware ESXi 8.0 v1.3.0 L1 UnixUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.6.8.5 Ensure 'Enable remote mailslots' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

CONFIGURATION MANAGEMENT

18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.24.1 Ensure 'EMET 5.52' or higher is installedCIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.9.24.1 Ensure 'EMET 5.52' or higher is installedCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

WN25-SO-000150 - The Windows Server 2025 Smart Card removal option must be configured to Force Logoff or Lock Workstation.DISA Microsoft Windows Server 2025 STIG v1r1Windows

CONFIGURATION MANAGEMENT