Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.7.2 Ensure local login warning banner is configured properlyCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.3 Ensure remote login warning banner is configured properlyCIS CentOS Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.2 Ensure GDM login banner is configuredCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctlyCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure packet redirect sending is disabledCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.2 Ensure ICMP redirects are not acceptedCIS CentOS Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.2 Ensure ICMP redirects are not acceptedCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.8 Ensure TCP SYN Cookies is enabledCIS CentOS Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.9 Ensure IPv6 router advertisements are not acceptedCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1.2 Minimize access to secretsCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L1GCP

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1.2 Minimize access to secretsCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.6 Ensure excessive DML privileges are revokedCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.9 Make use of predefined rolesCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.9 Ensure SSH PermitEmptyPasswords is disabledCIS CentOS Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.10 Ensure SSH PermitUserEnvironment is disabledCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.17 Ensure SSH MaxStartups is configuredCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.2 Ensure authselect includes with-faillockCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.1.1 Ensure password expiration is 365 days or lessCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.1.2 Ensure minimum days between password changes is 7 or moreCIS CentOS Linux 8 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.1.2 Ensure minimum days between password changes is 7 or moreCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.1.2 Ensure minimum days between password changes is 7 or moreCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.4 Ensure default group for the root account is GID 0CIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2 Set EEPROM Security Mode and Log Failed Access (SPARC)CIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.7 Ensure root PATH IntegrityCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.8 Ensure root is the only UID 0 accountCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.14 Ensure no users have .forward filesCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.15 Ensure no users have .netrc filesCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.15 Secure the GRUB Menu (Intel)CIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.22 (L1) Virtual machines must deactivate virtual disk wiping operationsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.1 Create Warnings for Standard Login ServicesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.5 Check that the Banner Setting for telnet is NullCIS Oracle Solaris 11.4 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.4 (L1) Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.4 (L1) Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.5 (L1) Ensure 'Configure security policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION