Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure hfs kernel module is not availableCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.2.4.2 Ensure nodev option set on /var partitionCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.2.2 Ensure gpgcheck is globally activatedCIS Amazon Linux 2 v3.0.0 L1Unix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5.1.6 Ensure no unconfined services existCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.6.1 Ensure message of the day is configured properlyCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

2.1.3 Ensure chrony is not run as the root userCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

2.2.1 Ensure autofs services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

MEDIA PROTECTION

2.2.4 Ensure dns server services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.8 Ensure message access server services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.19 Ensure xinetd services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.4 Ensure 'forms authentication' is set to use cookies - ApplicationCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.8 Ensure 'credentials' are not stored in configuration files - DefaultCIS IIS 10 v1.2.1 Level 2Windows

IDENTIFICATION AND AUTHENTICATION

3.1.3 Ensure bluetooth services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3.6 Ensure secure icmp redirects are not acceptedCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure reverse path filtering is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.4.2.2 Ensure firewalld service enabled and runningCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.5 Ensure nftables loopback traffic is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Ensure 'httpcookie' mode is configured for session state - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.11 Ensure 'encryption providers' are locked downCIS IIS 8.0 v1.5.1 Level 2Windows

ACCESS CONTROL

5.1.2.1.1 Ensure systemd-journal-remote is installedCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.4 Ensure journald is not configured to receive logs from a remote clientCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

5.1.2.2 Ensure journald service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.3 Ensure journald is configured to compress large log filesCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.3 Ensure logrotate is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.8 Ensure SSH IgnoreRhosts is enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.1 Ensure password creation requirements are configured - ucreditCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.2 Ensure filesystem integrity is regularly checkedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [success=1 default=bad] pam_unix.so'CIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.3 Ensure password reuse is limited - password-authCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - login.defsCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.6 Ensure access to the su command is restricted - /etc/groupCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.6 Ensure access to the su command is restricted - /etc/pam.d/suCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.1.7 Ensure permissions on /etc/gshadow are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.7 Ensure permissions on /etc/shadow- are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.8 Ensure permissions on /etc/gshadow- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.11 Ensure no unowned files or directories existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.2 Ensure no legacy "+" entries exist in /etc/passwdCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

6.2.6 Ensure no duplicate user names existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.7 Ensure all users' home directories existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.8 Ensure root path integrityCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

7.1 Ensure HSTS Header is set - ServerCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure TLS 1.0 is disabledCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.14 Ensure TLS Cipher Suite ordering is configuredCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION