Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Linux v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Windows v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 12c Linux v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 12c Windows v3.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4 Ensure 'LOCAL_LISTENER' Is Set AppropriatelyCIS Oracle Server 11g R2 DB v2.2.0OracleDB
2.11.8.7.2.1.5 (L1) Ensure 'Word 2007 and later binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Intune for Office v1.1.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept'CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept'CIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Enable Outbreak Prevention DatabaseCIS Fortigate 7.0.x v1.3.0 L2FortiGate

SYSTEM AND INFORMATION INTEGRITY

4.2.4 Enable AI /heuristic based malware detectionCIS Fortigate 7.0.x v1.3.0 L2FortiGate

SYSTEM AND INFORMATION INTEGRITY

4.2.6 Ensure inline scanning with FortiGuard AI-Based Sandbox Service is enabledCIS Fortigate 7.0.x v1.3.0 L1FortiGate

SYSTEM AND INFORMATION INTEGRITY

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.9 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.10 Ensure XProtect Is Running and UpdatedCIS Apple macOS 15.0 Sequoia v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.10 Ensure XProtect Is Running and UpdatedCIS Apple macOS 14.0 Sonoma v2.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 13.0 Ventura v3.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 12.0 Monterey v4.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

5.11 Ensure XProtect Is Running and UpdatedCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

6.2 Ensure a secure antivirus profile is applied to all relevant security policiesCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

CASA-FW-000150 - The Cisco ASA must be configured to enable threat detection to mitigate risks of denial-of-service (DoS) attacks.DISA STIG Cisco ASA FW v2r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection.DISA STIG Cisco ASA FW v2r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-ND-001180 - The Cisco ASA must be configured to protect against known types of denial-of-service (DoS) attacks by enabling the Threat Detection feature - DoS attacks by enabling the Threat Detection feature.DISA STIG Cisco ASA NDM v2r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CIS VMware ESXi 6.5 v1.0.0 Level 2CIS VMware ESXi 6.5 v1.0.0 Level 2VMware
EX13-MB-000265 - Exchange servers must have an approved DoD email-aware virus protection software installed.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND INFORMATION INTEGRITY

EX16-MB-000530 - Exchange servers must have an approved DoD email-aware virus protection software installed.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND INFORMATION INTEGRITY

EX19-ED-000174 - Role-Based Access Control must be defined for privileged and nonprivileged users.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

ACCESS CONTROL

EX19-MB-000134 - Exchange servers must have an approved DOD email-aware virus protection software installed.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

SYSTEM AND INFORMATION INTEGRITY

EX19-MB-000173 - Role-Based Access Control must be defined for privileged and nonprivileged users.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

ACCESS CONTROL

FireEye - Binary analysis AV-suite is enabledTNS FireEyeFireEye

SYSTEM AND INFORMATION INTEGRITY

FireEye - TNS Best Practices FireEye AuditTNS FireEyeFireEye
Fortigate - AV GraywareTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

SYSTEM AND INFORMATION INTEGRITY

JUSX-IP-000031 - The Juniper Networks SRX Series Gateway IDPS must either forward the traffic from inbound connections to be more deeply inspected for malicious code and Layer 7 threats, or the Antivirus and Unified Threat Management (UTM) license must be installed, active, and policies and rules configured.DISA Juniper SRX Services Gateway IDPS v2r1Juniper

CONFIGURATION MANAGEMENT

SonicWALL - Client AV Enforcement On - DMZTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - DMZTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - LANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WLANTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - FTP InboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - FTP OutboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - HTTP InboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - HTTP OutboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - POP3TNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Security Services - Gateway AV - TCP Stream InboundTNS SonicWALL v5.9SonicWALL

SYSTEM AND INFORMATION INTEGRITY

TNS_BestPractice_Citrix_XenServer.audit from TNS Citrix XenServer Best PracticesTNS Citrix XenServerUnix
WNDF-AV-000004 - Microsoft Defender AV must be configured to run and scan for malware and other potentially unwanted software.DISA STIG Microsoft Defender Antivirus v2r4Windows

SYSTEM AND INFORMATION INTEGRITY