Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Windows v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.8 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

ACCESS CONTROL

6.1 Perform regular security audits of your host system and containersCIS Docker 1.11.0 v1.0.0 L1 DockerUnix
6.1 Perform regular security audits of your host system and containersCIS Docker 1.12.0 v1.0.0 L1 DockerUnix
6.1 Perform regular security audits of your host system and containersCIS Docker 1.6 v1.0.0 L1 DockerUnix
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Review the rolesCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DBIBM_DB2DB
12.20 Monitor for development on production databases - 'Prevent development on production databases'CIS v1.1.0 Oracle 11g OS L1Unix
12.20 Monitor for development on production databases - 'Prevent development on production databases'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows
Audit SGID executablesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Audit system file permissions - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Audit system file permissions - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

CD12-00-009200 - Unused database components that are integrated in PostgreSQL and cannot be uninstalled must be disabled.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

CONFIGURATION MANAGEMENT

CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'tns services are using correct service account'DISA STIG Oracle 11 Instance v9r1 OS UnixUnix

ACCESS CONTROL

Ensure access to the su command is restricted - pam_wheel.soTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure address space layout randomization (ASLR) is enabled - sysctl.confTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure AIDE is installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure AIDE is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure all users last password change date is in the pastTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure DHCP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure GDM login banner is configured - banner-message-enableTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure GPG keys are configured - apt-key listTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure HTTP Proxy Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure HTTP server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IP forwarding is disabled - /etc/sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure NFS and RPC are not enabled - RPCTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure SSH HostbasedAuthentication is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Ensure TCP Wrappers is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure TCP Wrappers is installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-004950 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST-certified FIPS 140-2 or 140-3 installation of OpenSSL.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-009200 - Unused database components which are integrated in PostgreSQL and cannot be uninstalled must be disabled.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

CONFIGURATION MANAGEMENT

PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 ior 140-3 nstallation of OpenSSL.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION