Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device managementCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSHCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Restrict Access to VTY Sessions - line vty access-classCIS Cisco NX-OS L2 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Restrict Access to VTY Sessions - line vty access-classCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Restrict Access to VTY Sessions - VTY ACLCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.2 Restrict Access to VTY Sessions - VTY ACLCIS Cisco NX-OS L2 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 If SNMPv2 is in use, set Restrictions on Access - ACLCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.4.2 If SNMPv2 is in use, set Restrictions on Access - snmp-serverCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - loggingCIS Cisco NX-OS L2 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - loggingCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - ntpCIS Cisco NX-OS L2 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - ntpCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - snmp-server hostCIS Cisco NX-OS L2 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - snmp-server hostCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - snmp-server traps/informsCIS Cisco NX-OS L2 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions - snmp-server traps/informsCIS Cisco NX-OS L1 v1.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure that User-ID is only enabled for internal trusted interfacesCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure that User-ID is only enabled for internal trusted interfacesCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Enable the Firewall Stealth RuleCIS Check Point Firewall L2 v1.1.0CheckPoint

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure Caller ID is setCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure access profile is set to use CHAPCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure SharePoint implements an information system isolation boundary that minimizes the number of non-security functions included within the boundary containing security functions.CIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure SharePoint implements security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.CIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables loopback traffic is configured - loCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables loopback traffic is configured - loCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - forwardCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - forwardCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - inputCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - inputCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - outputCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - outputCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Ensure Common SNMP Community Strings are NOT usedCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

5.3 Ensure a client list is set for SNMPv1/v2 communitiesCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

5.8 Ensure interface restrictions are set for SNMPCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

5.9 Ensure SNMP is set to OOB management onlyCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

6.10.2.6 Ensure Web-Management Interface Restriction is SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

6.10.2.7 Ensure Web-Management Interface Restriction is set to OOB ManagementCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

6.11 Ensure a route table for the public subnets is createdCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.12 Ensure a route table for the private subnets is createdCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.13 Ensure Routing Table associated with Web tier ELB subnet have the default route (0.0.0.0/0) defined to allow connectivityCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.14 Ensure Routing Table associated with Web tier subnet have the default route (0.0.0.0/0) defined to allow connectivityCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.15 Ensure Routing Table associated with App tier subnet have the default route (0.0.0.0/0) defined to allow connectivityCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.16 Ensure Routing Table associated with Data tier subnet have NO default route (0.0.0.0/0) defined to allow connectivityCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

Authorized IP managersArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

SYSTEM AND COMMUNICATIONS PROTECTION

FireEye - User connections are limited by subnet or VLANTNS FireEyeFireEye

SYSTEM AND COMMUNICATIONS PROTECTION

Network Security - Use the Out-of-Band (OOB) interface for all management related trafficJuniper Hardening JunOS 12 Devices ChecklistJuniper

SYSTEM AND COMMUNICATIONS PROTECTION