Item Search

Name	Audit Name	Plugin	Category
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Red Hat EL8 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS SUSE Linux Enterprise Server 12 L1 v2.1.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing	CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing	CIS SUSE Linux Enterprise Server 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 6 Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS CentOS 6 Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS CentOS 6 Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'	CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'	CIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.6 Ensure no unconfined daemons exist	CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.6 Ensure no unconfined daemons exist	CIS SUSE Linux Enterprise Server 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	ACCESS CONTROL
1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	ACCESS CONTROL
1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - processes unconfined	CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.7.1.1 Ensure AppArmor is installed	CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1	Unix	ACCESS CONTROL
1.7.1.1 Ensure AppArmor is installed	CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 7 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 7 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive	CIS Oracle Linux 7 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - config	CIS Oracle Linux 7 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
2.1 Ensure IAM Policy for EC2 IAM Roles for Web tier is configured	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
2.2 Ensure IAM Policy for EC2 IAM Roles for App tier is configured	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'named_disable_trans'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'named_write_master_zones'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'SELINUX'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'SELINUXTYPE'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.210 - The system must enable SELinux.	Tenable Fedora Linux Best Practices v2.0.0	Unix	ACCESS CONTROL
2.220 - The operating system must enable the SELinux targeted policy.	Tenable Fedora Linux Best Practices v2.0.0	Unix	ACCESS CONTROL
3.4.3.8 Ensure nftables rules are permanent	CIS Red Hat EL8 Server L1 v1.0.0	Unix	ACCESS CONTROL
3.4.3.8 Ensure nftables rules are permanent	CIS Red Hat EL8 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
3.5.2.11 Ensure nftables rules are permanent	CIS Oracle Linux 7 Server L1 v3.0.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - '0 profiles in complain mode'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - 'Profiles are loaded' - Review	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - apparmor=1	CIS Debian Linux 7 L2 v1.0.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - security=apparmor	CIS Debian Linux 7 L2 v1.0.0	Unix	ACCESS CONTROL
5.1 Do not disable AppArmor	CIS Docker 1.12.0 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.2 Verify SELinux security options, if applicable	CIS Docker 1.12.0 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.2 Verify SELinux security options, if applicable	CIS Docker 1.11.0 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.2 Verify SELinux security options, if applicable (Scored)	CIS Docker 1.6 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.4 CIFS - 'cifs.gpo.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
6.4 Ensure system device files are labeled - device_t	CIS Amazon Linux 2 STIG v1.0.0 L3	Unix	ACCESS CONTROL
12 - Restrict BIND Access with SELinux - named_write_master_zones	BIND - TNS BIND Best Practices Audit v1.0.0	Unix	ACCESS CONTROL
12 - Restrict BIND Access with SELinux - SELINUX	BIND - TNS BIND Best Practices Audit v1.0.0	Unix	ACCESS CONTROL
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL'	IBM System i Security Reference for V7R3	AS/400	ACCESS CONTROL
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL'	IBM System i Security Reference for V7R1 and V6R1	AS/400	ACCESS CONTROL
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*all'	IBM iSeries Security Reference v5r4	AS/400	ACCESS CONTROL
PCI 7.1 Limit access to system components and cardholder data to only those individuals whose job requires such access -SELINUXTYPE=targeted	PCI DSS 2.0/3.0 - Red Hat Linux	Unix	ACCESS CONTROL

Detections

Analytics

Item Search