Detections
Analytics

Item Search

NameAudit NamePluginCategory
Audit SGID executablesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Audit system file permissions - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Audit system file permissions - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure AIDE is installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure AIDE is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure DHCP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure GDM login banner is configured - banner-message-enableTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure GPG keys are configured - apt-key listTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure HTTP Proxy Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure HTTP server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IP forwarding is disabled - /etc/sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure NFS and RPC are not enabled - RPCTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure rsyslog default file permissions configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure separate partition exists for /var/log/auditTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Ensure session initiation information is collected - auditctl btmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure source routed packets are not accepted - /etc/sysctl ipv4 all accceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure source routed packets are not accepted - sysctl ipv4 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure SSH HostbasedAuthentication is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Ensure sticky bit is set on all world-writable directoriesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure successful file system mounts are collected - b64Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure syslog-ng is configured to send logs to a remote log hostTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure system accounts are non-loginTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure talk client is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure TCP Wrappers is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure TCP Wrappers is installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure telnet server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure the MCS Translation Service (mcstrans) is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure updates, patches, and additional security software are installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure users' dot files are not group or world writableTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure users' home directories permissions are 750 or more restrictiveTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure xinetd is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Lockout for failed password attempts - 'auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Lockout for failed password attempts - 'auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Lockout for failed password attempts - 'auth sufficient pam_unix.so'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

NTP is not installed - restrict -4Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Windows Compliance Policy - Block USB debugging on deviceTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Compliance Policy - Maximum minutes of inactivity before password is requiredTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL

Windows Compliance Policy - Number of previous passwords to prevent reuseTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Compliance Policy - Required password typeTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Windows Device Configuration - Browser Pop-upsTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - Cloud-delivered protectionTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

CONFIGURATION MANAGEMENT

Windows Device Configuration - Device name modificationTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - File Blocking LevelTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

SYSTEM AND INFORMATION INTEGRITY

Windows Device Configuration - Internet sharingTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - Monitor file and program activityTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

CONFIGURATION MANAGEMENT

Windows Device Configuration - Network and InternetTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Windows Device Configuration - OneDrive file syncTenable Best Practices for Microsoft Intune Windows v1.0microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT