Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure device firmware is up to dateAirWatch - CIS Google Android v1.3.0 L1MDM
1.1 Create local-settings.js file - general.config.filenameCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0Unix

ACCESS CONTROL

1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in UseCIS PostgreSQL 14 OS v 1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.3 (L2) Ensure Microsoft Defender for Cloud Apps is enabled and configuredCIS Microsoft 365 Foundations v5.0.0 L2 E5microsoft_azure

SYSTEM AND INFORMATION INTEGRITY

6.1.2 Ensure filesystem integrity is regularly checkedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.2 Ensure filesystem integrity is regularly checkedCIS Debian Linux 11 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.102.3 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.18 Ensure 'Directory data (outside the root DSE) of a non-public directory is configured' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

AADC-CL-001285 - Adobe Acrobat Pro DC Classic must disable the ability to store files on Acrobat.com.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-001315 - Adobe Acrobat Pro DC Classic SharePoint and Office365 access must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

Big Sur - Disable Content Caching ServiceNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

CONFIGURATION MANAGEMENT

Big Sur - Disable Content Caching ServiceNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

CONFIGURATION MANAGEMENT

Big Sur - Disable Content Caching ServiceNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

CONFIGURATION MANAGEMENT

CASA-VN-000130 - The Cisco ASA must be configured to not accept certificates that have been revoked when using PKI for authentication.DISA STIG Cisco ASA VPN v2r2Cisco

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Content Caching ServiceNIST macOS Catalina v1.5.0 - 800-171Unix

CONFIGURATION MANAGEMENT

Catalina - Disable Content Caching ServiceNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

CONFIGURATION MANAGEMENT

Catalina - Disable Content Caching ServiceNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

CONFIGURATION MANAGEMENT

Catalina - Disable Content Caching ServiceNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'Directory'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'LoadModule cgi_module'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'ScriptAlias'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

CIS Microsoft IIS 8 Benchmark v1.5.1 Level 1CIS IIS 8.0 v1.5.1 Level 1Windows
DG0122-ORACLE11 - Access to sensitive data should be restricted to authorized users identified by the Information Owner - 'controlfile'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0122-ORACLE11 - Access to sensitive data should be restricted to authorized users identified by the Information Owner - 'datafile'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB

ACCESS CONTROL

Directory access permissions should be restricted.TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'RewriteLog'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'TraceEnable'TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT

Keep Alive setting parameter value should be appropriately configured.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log'TNS IBM HTTP Server Best Practice MiddlewareUnix

AUDIT AND ACCOUNTABILITY

MaxClients parameter value should be configured to appropriate value.TNS IBM HTTP Server Best Practice MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Content Caching ServiceNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

CONFIGURATION MANAGEMENT

Monterey - Disable Content Caching ServiceNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

CONFIGURATION MANAGEMENT

MS.TEAMS.5.3v1 - Agencies SHOULD only allow installation of custom apps approved by the agency.CISA SCuBA Microsoft 365 Teams v1.5.0microsoft_azure

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND INFORMATION INTEGRITY

OL07-00-040410 - The Oracle Linux operating system must be configured so that the SSH public host key files have mode 0644 or less permissive.DISA Oracle Linux 7 STIG v3r2Unix

CONFIGURATION MANAGEMENT

PHTN-67-000032 - The Photon operating system must only allow installation of packages signed by VMware.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

RHEL-07-040410 - The Red Hat Enterprise Linux operating system must be configured so that the SSH public host key files have mode 0644 or less permissive.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

SPLK-CL-000160 - Splunk Enterprise must be configured to protect the log data stored in the indexes from alteration.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

AUDIT AND ACCOUNTABILITY

SQL2-00-038900 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

SQL2-00-038910 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password lifetime.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

SQL4-00-038910 - If SQL Server authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password lifetime.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

VCTR-67-000060 - The vCenter Server must enable revocation checking for certificate-based authentication.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

VCWN-06-000053 - The connectivity between VSAN Health Check and public Hardware Compatibility List must be disabled or restricted.DISA STIG VMware vSphere vCenter 6.x v1r4VMware

CONFIGURATION MANAGEMENT