1.2.15 Ensure that the admission control plugin PodSecurityPolicy is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
1.2.25 Ensure that the --service-account-lookup argument is set to true | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL, MEDIA PROTECTION |
2.1 Ensure that authentication is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
2.1 Ensure that authentication is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
2.2 Ensure that authorization is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
2.2 Ensure that authorization is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
3.2.1 Ensure DLP policies are enabled | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
3.2.2 Ensure DLP policies are enabled for Microsoft Teams | CIS Microsoft 365 Foundations E5 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
3.3 Restrict Query Origins | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | ACCESS CONTROL |
3.3 Restrict Query Origins | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | ACCESS CONTROL |
4.1.6 Ensure that Service Account Tokens are only mounted where necessary | CIS Google Kubernetes Engine (GKE) v1.5.0 L1 | GCP | CONFIGURATION MANAGEMENT |
4.2.7 Ensure that the --make-iptables-util-chains argument is set to true | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
4.8 Make use of default roles | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
6.2.2 (L1) Host must ensure all datastores have unique names | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
7.6 (L1) Virtual machines must limit console sharing. | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly' | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
8.1.1 Ensure external file sharing in Teams is enabled for only approved cloud storage services | CIS Microsoft 365 Foundations E3 L2 v3.0.0 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
8.1.1 Ensure only one remote console connection is permitted to a VM at any time | CIS VMware ESXi 7.0 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
8.1.2 Ensure only one remote console connection is permitted to a VM at any time | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
10.1 Ensure SELinux Is Enabled in Enforcing Mode - config file | CIS BIND DNS v1.0.0 L2 Caching Only Name Server | Unix | ACCESS CONTROL |
10.1 Ensure SELinux Is Enabled in Enforcing Mode - config file | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | ACCESS CONTROL |
10.1 Ensure SELinux Is Enabled in Enforcing Mode - current mode | CIS BIND DNS v1.0.0 L2 Caching Only Name Server | Unix | ACCESS CONTROL |
10.1 Ensure SELinux Is Enabled in Enforcing Mode - current mode | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | ACCESS CONTROL |
11.1 Ensure SELinux Is Enabled in Enforcing Mode | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | ACCESS CONTROL |
11.1 Ensure SELinux Is Enabled in Enforcing Mode | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
11.1 Ensure SELinux Is Enabled in Enforcing Mode - config | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
11.1 Ensure SELinux Is Enabled in Enforcing Mode - config | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
11.1 Ensure SELinux Is Enabled in Enforcing Mode - current | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
11.1 Ensure SELinux Is Enabled in Enforcing Mode - current | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |