Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.10 Using Local RBAC to Limit User Access to ShellCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 SSH Allow ListCIS HPE Aruba Networking CX Switch v1.0.1 L1ArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 SSH Allow ListCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.15 Ensure that the admission control plugin PodSecurityPolicy is setCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND SERVICES ACQUISITION

1.2.23 Ensure that the --service-account-lookup argument is set to trueCIS Red Hat OpenShift Container Platform v1.9.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.4.1.1 Non Default Community Names, Access Rights & ACLCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4.1.1 Non Default Community Names, Access Rights & ACLCIS HPE Aruba Networking CX Switch v1.0.1 L1ArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

1.17 UBTU-24-100510CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT IIUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

2.1 Ensure that authentication is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.1 Ensure that authentication is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.1.3 Disable Unused Physical InterfacesCIS HPE Aruba Networking CX Switch v1.0.1 L1ArubaOS

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.3 Disable Unused Physical InterfacesCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

3.2.1 (L1) Ensure DLP policies are enabledCIS Microsoft 365 Foundations v6.0.1 L1 E3microsoft_azure

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

3.2.1 (L1) Ensure DLP policies are enabledCIS Microsoft 365 Foundations v6.0.1 L1 E5microsoft_azure

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

3.2.2 (L1) Ensure DLP policies are enabled for Microsoft TeamsCIS Microsoft 365 Foundations v6.0.1 L1 E5microsoft_azure

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

3.3 Restrict Query OriginsCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

3.3 Restrict Query OriginsCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

3.3.1.1 PIM Accept-RegisterCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.2 PIM Accept-RPCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.3 PIM SSMCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 IGMP Snooping ACLCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.4 MLD Snooping ACLCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

3.7 RA GuardCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.5 Ensure that Service Account Tokens are only mounted where necessaryCIS Google Kubernetes Engine GKE Autopilot v1.3.0 L1GCP

CONFIGURATION MANAGEMENT

4.1.5 Ensure that Service Account Tokens are only mounted where necessaryCIS Google Kubernetes Engine GKE v1.9.0 L1 GCPGCP

CONFIGURATION MANAGEMENT

4.2.7 Ensure that the --make-iptables-util-chains argument is set to trueCIS Red Hat OpenShift Container Platform v1.9.0 L1OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Control Plane ACL ManagementCIS HPE Aruba Networking CX Switch v1.0.1 L2ArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Control Plane ACL ManagementCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security RecommendationsArubaOS

ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

4.8 Make use of default rolesCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.2.2 (L1) Host must ensure all datastores have unique namesCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

SYSTEM AND COMMUNICATIONS PROTECTION

6.2.10 Ensure 'JAVA_ADMIN' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 19c v2.0.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.2.10 Ensure 'JAVA_ADMIN' Is Revoked From Unauthorized 'GRANTEE'CIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

ACCESS CONTROL, MEDIA PROTECTION

7.6 (L1) Virtual machines must limit console sharing.CIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.4 v2.3.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage servicesCIS Microsoft 365 Foundations v6.0.1 L2 E5microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage servicesCIS Microsoft 365 Foundations v6.0.1 L2 E3microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

8.1.1 (L2) Ensure only one remote console connection is permitted to a VM at any timeCIS VMware ESXi 7.0 v1.5.0 L2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.1.2 Ensure only one remote console connection is permitted to a VM at any timeCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

10.1 Ensure SELinux Is Enabled in Enforcing Mode - config fileCIS BIND DNS v1.0.0 L2 Caching Only Name ServerUnix

ACCESS CONTROL

10.1 Ensure SELinux Is Enabled in Enforcing Mode - config fileCIS BIND DNS v1.0.0 L2 Authoritative Name ServerUnix

ACCESS CONTROL

10.1 Ensure SELinux Is Enabled in Enforcing Mode - current modeCIS BIND DNS v1.0.0 L2 Caching Only Name ServerUnix

ACCESS CONTROL

10.1 Ensure SELinux Is Enabled in Enforcing Mode - current modeCIS BIND DNS v1.0.0 L2 Authoritative Name ServerUnix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.4 v2.3.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION