Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS SQL Server 2019 Database L1 DB v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS SQL Server 2019 Database L1 DB v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS SQL Server 2022 Database L1 DB v1.0.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'CIS SQL Server 2019 Database L1 DB v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'CIS SQL Server 2022 Database L1 DB v1.0.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled'CIS SQL Server 2016 Database L1 OS v1.4.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS SQL Server 2022 Database L1 DB v1.0.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 Ensure iptables is installedCIS Google Container-Optimized OS L1 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure firewalld is installed - iptablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.7 Ensure firewalld drops unnecessary services and portsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure iptables are flushed with nftables - ip6tablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure iptables are flushed with nftables - iptablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.5 Ensure an nftables table existsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables base chains exist - hook inputCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables base chains exist - hook outputCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables outbound and established connections are configured - inputCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.9 Ensure nftables default deny firewall policy - forwardCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.9 Ensure nftables default deny firewall policy - inputCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.1 Ensure iptables is installedCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - FORWARDCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - FORWARDCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - INPUTCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - OUTPUTCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - OUTPUTCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - inputCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - inputCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - outputCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.8 Ensure SSH IgnoreRhosts is enabledCIS Google Container-Optimized OS L1 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS RedHat OpenShift Container Platform 4 v1.5.0 L1OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2 Ensure that all Namespaces have Network Policies definedCIS Kubernetes Benchmark v1.8.0 L2 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2 Ensure that all Namespaces have Network Policies defined - NetworkPoliciesCIS RedHat OpenShift Container Platform 4 v1.5.0 L2OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.6.4 Ensure clusters are created with Private Endpoint Enabled and Public Access DisabledCIS Google Kubernetes Engine (GKE) v1.5.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.7.1 Create administrative boundaries between resources using namespacesCIS RedHat OpenShift Container Platform 4 v1.5.0 L1OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.22 Ensure the default seccomp profile is not DisabledCIS Docker v1.6.0 L1 Docker LinuxUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 7.0 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS SQL Server 2022 Database L1 DB v1.0.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION