1.1.2 Ensure that the API server pod specification file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
1.1.8 Ensure that the etcd pod specification file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
1.2.1 Set 'privilege 1' for local users - 'All users have encrypted passwords' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
1.2.1 Set 'privilege 1' for local users - 'No users with privileges 2-15' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
1.5 Ensure Interactive Login is Disabled | CIS MySQL 8.0 Community Linux OS L2 v1.0.0 | Unix | ACCESS CONTROL |
2.1.2 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON' | CIS Oracle Server 19c Linux v1.2.0 | Unix | ACCESS CONTROL |
2.1.2 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON' | CIS Oracle Server 19c Windows v1.2.0 | Windows | ACCESS CONTROL |
2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1 | Windows | ACCESS CONTROL |
2.4.3 Ensure admin accounts with different privileges have their correct profiles assigned | CIS Fortigate 7.0.x Level 1 v1.2.0 | FortiGate | ACCESS CONTROL |
4.1 Ensure a non-root user account exists for local admin access | CIS VMware ESXi 7.0 v1.3.0 Level 1 Bare Metal | Unix | ACCESS CONTROL |
4.1 Ensure sudo is configured correctly | CIS PostgreSQL 16 OS v1.0.0 | Unix | ACCESS CONTROL |
4.1.2 Ensure that the kubelet service file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
4.1.8 Ensure that the client certificate authorities file ownership is set to root:root | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
4.2.20 Ensure sshd PermitRootLogin is disabled | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL |
4.2.20 Ensure sshd PermitRootLogin is disabled | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | ACCESS CONTROL |
4.3.2 Ensure sudo commands use pty | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL |
4.3.4 Ensure users must provide password for escalation | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | ACCESS CONTROL |
4.3.4 Ensure users must provide password for escalation | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | ACCESS CONTROL |
4.3.4 Ensure users must provide password for escalation | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL |
4.3.4 Ensure users must provide password for escalation | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL |
4.3.4 Ensure users must provide password for privilege escalation | CIS Debian 10 Server L2 v2.0.0 | Unix | ACCESS CONTROL |
4.3.6 Ensure sudo authentication timeout is configured correctly | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | ACCESS CONTROL |
4.4 Ensure No Users Are Assigned the 'DEFAULT' Profile | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
4.6 Ensure the set_user extension is installed | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | ACCESS CONTROL |
5.2.2 Minimize the admission of containers wishing to share the host process ID namespace | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL |
5.2.8 Ensure SSH root login is disabled | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS MySQL 8.0 Community Database L2 v1.0.0 | MySQLDB | ACCESS CONTROL |
5.3.4 Ensure users must provide password for escalation | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL |
5.3.4 Ensure users must provide password for escalation | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
5.3.12 Ensure SSH root login is disabled | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL |
5.4 Adding authorized users in at.allow | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
5.6 Adding authorised users in cron.allow | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
5.6 Ensure the 'root' Account Is Disabled | CIS Apple macOS 13.0 Ventura v2.0.0 L1 | Unix | ACCESS CONTROL |
7.1 Ensure a replication-only user is created and used for streaming replication | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
10.2 Restrict access to the web administration application | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL |
10.2 Restrict access to the web administration application | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
10.13 Do not run applications as privileged | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL |
10.13 Do not run applications as privileged | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
10.13 Do not run applications as privileged | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
10.17 Setting Security Lifecycle Listener - check for umask present in startup | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL |
10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
18.9.85.2 Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1 | Windows | ACCESS CONTROL |
18.10.81.2 Ensure 'Always install with elevated privileges' is set to 'Disabled' - Disabled | CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0 | Windows | ACCESS CONTROL |
19.7.40.1 Ensure 'Always install with elevated privileges' is set to 'Disabled' - Disabled | CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0 | Windows | ACCESS CONTROL |
19.7.40.1 Ensure 'Always install with elevated privileges' is set to 'Disabled' - Disabled | CIS Microsoft Windows Server 2019 MS Standalone L1 v1.0.0 | Windows | ACCESS CONTROL |
19.7.43.1 Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1 | Windows | ACCESS CONTROL |