Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.15 Ensure that the admission control plugin PodSecurityPolicy is setCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND SERVICES ACQUISITION

1.2.25 Ensure that the --service-account-lookup argument is set to trueCIS RedHat OpenShift Container Platform 4 v1.5.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

2.1 Ensure that authentication is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.1 Ensure that authentication is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

3.2.1 Ensure DLP policies are enabledCIS Microsoft 365 Foundations E3 L1 v3.0.0microsoft_azure

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

3.2.2 Ensure DLP policies are enabled for Microsoft TeamsCIS Microsoft 365 Foundations E5 L1 v3.0.0microsoft_azure

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

3.3 Restrict Query OriginsCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

3.3 Restrict Query OriginsCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

4.1.6 Ensure that Service Account Tokens are only mounted where necessaryCIS Google Kubernetes Engine (GKE) v1.5.0 L1GCP

CONFIGURATION MANAGEMENT

4.2.7 Ensure that the --make-iptables-util-chains argument is set to trueCIS RedHat OpenShift Container Platform 4 v1.5.0 L1OpenShift

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.8 Make use of default rolesCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.2.2 (L1) Host must ensure all datastores have unique namesCIS VMware ESXi 8.0 v1.1.0 L1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.6 (L1) Virtual machines must limit console sharing.CIS VMware ESXi 8.0 v1.1.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

8.1.1 Ensure external file sharing in Teams is enabled for only approved cloud storage servicesCIS Microsoft 365 Foundations E3 L2 v3.0.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

8.1.1 Ensure only one remote console connection is permitted to a VM at any timeCIS VMware ESXi 7.0 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.1.2 Ensure only one remote console connection is permitted to a VM at any timeCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

10.1 Ensure SELinux Is Enabled in Enforcing Mode - config fileCIS BIND DNS v1.0.0 L2 Caching Only Name ServerUnix

ACCESS CONTROL

10.1 Ensure SELinux Is Enabled in Enforcing Mode - config fileCIS BIND DNS v1.0.0 L2 Authoritative Name ServerUnix

ACCESS CONTROL

10.1 Ensure SELinux Is Enabled in Enforcing Mode - current modeCIS BIND DNS v1.0.0 L2 Caching Only Name ServerUnix

ACCESS CONTROL

10.1 Ensure SELinux Is Enabled in Enforcing Mode - current modeCIS BIND DNS v1.0.0 L2 Authoritative Name ServerUnix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing Mode - configCIS Apache HTTP Server 2.4 L2 v2.1.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

11.1 Ensure SELinux Is Enabled in Enforcing Mode - configCIS Apache HTTP Server 2.4 L2 v2.1.0 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

11.1 Ensure SELinux Is Enabled in Enforcing Mode - currentCIS Apache HTTP Server 2.4 L2 v2.1.0 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

11.1 Ensure SELinux Is Enabled in Enforcing Mode - currentCIS Apache HTTP Server 2.4 L2 v2.1.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION