Item Search

NameAudit NamePluginCategory
1.2 Ensure systemd Service Files Are EnabledCIS PostgreSQL 15 OS v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3 Ensure systemd Service Files Are EnabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.8 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

5.2.2.3 (L1) Enable Conditional Access policies to block legacy authenticationCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

CONFIGURATION MANAGEMENT

5.2.2.3 (L1) Enable Conditional Access policies to block legacy authenticationCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

CONFIGURATION MANAGEMENT

5.7.1 Enable Security PostureCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

CONFIGURATION MANAGEMENT

6.1 Perform regular security audits of your host system and containersCIS Docker 1.12.0 v1.0.0 L1 DockerUnix
6.1 Perform regular security audits of your host system and containersCIS Docker 1.6 v1.0.0 L1 DockerUnix
6.1 Perform regular security audits of your host system and containersCIS Docker 1.11.0 v1.0.0 L1 DockerUnix
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.23 Find Un-owned Files and DirectoriesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

9.23 Find Un-owned Files and DirectoriesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.24 Find Files and Directories with Extended AttributesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.24 Find Un-owned Files and DirectoriesCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

Audit system file permissions - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'tns services are using correct service account'DISA STIG Oracle 11 Instance v9r1 OS UnixUnix

ACCESS CONTROL

Ensure Avahi Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure DNS Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure FTP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure GDM login banner is configured - banner-message-textTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure GDM login banner is configured - file-dbTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure LDAP client is not installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 default rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure Reverse Path Filtering is enabled - sysctl ipv4 all rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-004950 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST-certified FIPS 140-2 or 140-3 installation of OpenSSL.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 ior 140-3 nstallation of OpenSSL.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION