Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.11 Ensure that the admission control policy is not set to AlwaysAdmitCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

ACCESS CONTROL

1.1.21 Ensure that the --token-auth-file parameter is not setCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.23 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - kubelet-client-keyCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.3 Ensure that Security Key Enforcement is Enabled for All Admin AccountsCIS Google Cloud Platform v3.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION

1.6 Ensure maximum RAM is installedCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

1.8 Ensure That Separation of Duties Is Enforced While Assigning Service Account Related Roles to UsersCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

2.7 Ensure internal sources are blocked on external networksCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.9 Ensure That the Log Metric Filter and Alerts Exist for VPC Network ChangesCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

2.14 Ensure 'Access Transparency' is 'Enabled'CIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

3.2.2 Ensure authentication-type is set to MD5CIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

3.3 Ensure unused interfaces are set to disableCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND INFORMATION INTEGRITY

3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC NetworkCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

4.1.1 Ensure peer authentication is set to MD5CIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

4.1.3 Ensure EBGP peers are set to use GTSMCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

4.1.5 Ensure Ingress Filtering is set for EBGP peersCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure IS-IS neighbor authentication is set to MD5CIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

4.8.1 Ensure authentication is set to MD5CIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

4.9 Ensure That Compute Instances Do Not Have Public IP AddressesCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

4.12.1 Ensure LLDP is Disabled if not RequiredCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

5.3 Ensure a client list is set for SNMPv1/v2 communitiesCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

5.5 Ensure SNMP Write Access is not setCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.1.3 Ensure Accounting of Configuration ChangesCIS Juniper OS Benchmark v2.1.0 L1Juniper

AUDIT AND ACCOUNTABILITY

6.1.4 Recommend Accounting of Interactive Commands (where External AAA is used)CIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.2.1 Ensure Archive on CommitCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONTINGENCY PLANNING

6.2.3 Ensure NO Plain Text Archive Sites are configuredCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONTINGENCY PLANNING

6.2.4 Ensure 'Log_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set AppropriatelyCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

6.4.1 Ensure Authentication is configured for Diagnostic PortsCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.6 Ensure That Cloud SQL Database Instances Do Not Have Public IPsCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

6.6.1.3 Ensure Minimum Backoff Factor of 5CIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

6.6.1.4 Ensure Minimum Session Time of at least 20 secondsCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

6.6.3 Ensure Idle Timeout is set for all Login ClassesCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

6.6.5 Ensure all Custom Login Classes Forbid Shell AccessCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

6.6.8 Ensure login message is setCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

6.7.7 Ensure Strong Authentication Methods are used for NTP AuthenticationCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.9.2 Ensure Root Password is UniqueCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.5 Ensure Remote Root-Login is denied via SSHCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - weak ciphersCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - weak key-exchangeCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.2.1 Ensure Web-Management is not Set to HTTPCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.2.4 Ensure Idle Timeout is Set for Web-ManagementCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.3.4 Ensure XNM-SSL SSLv3 Support is Not SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.4.1 Ensure NETCONF Rate Limit is SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.10.5.3 Ensure REST is Set to use PKI Certificate for HTTPSCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.8 Ensure FTP Service is Not SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND INFORMATION INTEGRITY

6.11.1 Ensure Auxiliary Port is Set to DisabledCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND INFORMATION INTEGRITY

6.12.2 Ensure At Least 2 External SYSLOG Hosts are Set with Any/InfoCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

6.14 Ensure Configuration File Encryption is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

6.22 Ensure ICMP Redirects are Disabled for IPv6CIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND INFORMATION INTEGRITY

7.3 Ensure That a Default Customer-Managed Encryption Key (CMEK) Is Specified for All BigQuery Data SetsCIS Google Cloud Platform v3.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION