Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.1 Ensure IPv6 default deny firewall policy - Chain INPUTCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.3 Ensure IPv6 outbound and established connections are configuredCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Ensure Hit count is Enable for the rulesCIS Check Point Firewall L2 v1.1.0CheckPoint

SECURITY ASSESSMENT AND AUTHORIZATION

3.4.1.1 Ensure nftables is installedCIS Amazon Linux 2023 Server L2 v1.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure ufw is installedCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.3 Ensure IPv4 outbound and established connections are configuredCIS Bottlerocket L2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.1 Ensure iptables packages are installedCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.2 Ensure nftables is not installed with iptablesCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.1 Ensure iptables default deny firewall policyCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.2 Ensure iptables loopback traffic is configuredCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.1 Ensure ip6tables default deny firewall policyCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.4 Ensure ip6tables firewall rules exist for all open portsCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1 Ensure ufw is installedCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1 Ensure ufw is installedCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.5 Ensure ufw outbound connections are configuredCIS Debian Linux 12 v1.0.1 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.5 Ensure ufw outbound connections are configuredCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure iptables are flushed with nftablesCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure iptables are flushed with nftablesCIS Debian Linux 12 v1.0.1 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.5 Ensure nftables base chains existCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.6 Ensure nftables loopback traffic is configuredCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.6 Ensure nftables loopback traffic is configuredCIS Debian Linux 12 v1.0.1 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.6 Ensure nftables loopback traffic is configuredCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.7 Ensure nftables outbound and established connections are configuredCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.7 Ensure nftables outbound and established connections are configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.8 Ensure nftables default deny firewall policyCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.9 Ensure nftables service is enabledCIS Debian Linux 12 v1.0.1 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure that IP Security is availableCIS IBM AIX 7.2 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1.2 Ensure nftables is not installed with iptablesCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1.3 Ensure ufw is uninstalled or disabled with iptablesCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2 Ensure loopback traffic is blocked on external interfacesCIS IBM AIX 7.2 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2 Ensure that all Namespaces have Network Policies definedCIS Google Kubernetes Engine (GKE) v1.5.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.2 Ensure iptables loopback traffic is configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.2 Ensure iptables loopback traffic is configuredCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.3 Ensure iptables outbound and established connections are configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure that IPsec filters are activeCIS IBM AIX 7.2 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3.2 Ensure ip6tables loopback traffic is configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3.4 Ensure ip6tables firewall rules exist for all open portsCIS Debian Linux 12 v1.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.6 Ensure SSH X11 forwarding is disabledCIS Google Container-Optimized OS L1 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION

5.6.2 Ensure use of VPC-native clustersCIS Google Kubernetes Engine (GKE) v1.5.0 L1GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.14 Ensure that incoming container traffic is bound to a specific host interfaceCIS Docker v1.6.0 L1 Docker LinuxUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.21 Ensure that the host's UTS namespace is not sharedCIS Docker v1.6.0 L1 Docker LinuxUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure that management plane traffic is separated from data plane trafficCIS Docker v1.6.0 L1 Docker SwarmUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION