Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.14 Ensure that the admin.conf file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.5 Ensure Interactive Login is DisabledCIS MySQL 5.6 Enterprise Windows OS L2 v2.0.0Windows

ACCESS CONTROL

1.17 Ensure Snowflake stored procedures do not run with ACCOUNTADMIN or SECURITYADMIN role privilegesCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

3.1 Ensure least privilege for database accountsCIS MongoDB 4 L1 DB v1.0.0MongoDB

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 15 v1.2.0 L1 OS Linux UnixUnix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.6 Avoid use of system:masters groupCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L1GCP

ACCESS CONTROL

4.1.6 Avoid use of system:masters groupCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

ACCESS CONTROL

4.1.7 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

ACCESS CONTROL

4.1.7 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L1GCP

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL

4.2 Ensure sudo is configured correctlyCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.4 Ensure No Users Are Assigned the 'DEFAULT' ProfileCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

4.8 Ensure the set_user extension is installedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.1 Minimize the admission of privileged containersCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.1 Privilege escalation: sudoCIS IBM AIX 7.1 L2 v2.1.0Unix

ACCESS CONTROL

5.2.5 Minimize the admission of containers with allowPrivilegeEscalationCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.23 Benchmark v1.0.1 L2 MasterUnix

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.5 Ensure the 'root' Account Is DisabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL

5.5 Ensure the 'root' Account Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

ACCESS CONTROL

5.6 Ensure the 'root' Account Is DisabledCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL

6.1.1 Ensure sudo is installedCIS IBM AIX 7 v1.1.0 L2Unix

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL

9.4 Ensure 'super_priv' Is Not Set to 'Y' for Replication UsersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 7 L2 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 7 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL

10.13 Do not run applications as privilegedCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.13 Do not run applications as privilegedCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

Monterey - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL

Monterey - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL

Monterey - Require Administrator Password to Modify System-Wide PreferencesNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL