Item Search

NameAudit NamePluginCategory
1.2 Ensure systemd Service Files Are EnabledCIS PostgreSQL 15 OS v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3 Ensure systemd Service Files Are EnabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.8 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

5.2.2.3 (L1) Enable Conditional Access policies to block legacy authenticationCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

CONFIGURATION MANAGEMENT

5.2.2.3 (L1) Enable Conditional Access policies to block legacy authenticationCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

CONFIGURATION MANAGEMENT

5.7.1 Enable Security PostureCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

CONFIGURATION MANAGEMENT

5.10.5 Enable Security PostureCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

CONFIGURATION MANAGEMENT

6.1 Perform regular security audits of your host system and containersCIS Docker 1.12.0 v1.0.0 L1 DockerUnix
6.1 Perform regular security audits of your host system and containersCIS Docker 1.6 v1.0.0 L1 DockerUnix
6.1 Perform regular security audits of your host system and containersCIS Docker 1.11.0 v1.0.0 L1 DockerUnix
7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Review the rolesCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DBIBM_DB2DB
9.23 Find Un-owned Files and DirectoriesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

9.23 Find Un-owned Files and DirectoriesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.24 Find Files and Directories with Extended AttributesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.24 Find Un-owned Files and DirectoriesCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

Ensure GPG keys are configured - yumTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure GPG keys are configured - zypper reposTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure ICMP redirects are not accepted - sysctl ipv4 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IP forwarding is disabled - sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 redirects are not accepted - sysctl ipv6 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure LDAP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure SSH access is limitedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure SSH root login is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

EPAS-00-004950 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST-certified FIPS 140-2 or 140-3 installation of OpenSSL.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 ior 140-3 nstallation of OpenSSL.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION