Item Search

NameAudit NamePluginCategory
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'CIS Oracle Server 18c Linux v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2022 Database L1 AWS RDS v1.0.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2019 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1.3 Configure EIGRP log-adjacency-changesCIS Cisco NX-OS L2 v1.0.0Cisco

SECURITY ASSESSMENT AND AUTHORIZATION

3.1.1.3 Configure EIGRP log-adjacency-changesCIS Cisco NX-OS L1 v1.0.0Cisco

SECURITY ASSESSMENT AND AUTHORIZATION

3.3.1.1 Ensure IPv6 default deny firewall policy - Chain FORWARDCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.1 Ensure IPv6 default deny firewall policy - Chain INPUTCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.3 Ensure IPv6 outbound and established connections are configuredCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2.1 Ensure default deny firewall policy - Chain FORWARDCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2.1 Ensure default deny firewall policy - Chain INPUTCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2.1 Ensure default deny firewall policy - Chain OUTPUTCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2.3 Ensure outbound and established connections are configuredCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Ensure Hit count is Enable for the rulesCIS Check Point Firewall L2 v1.1.0CheckPoint

SECURITY ASSESSMENT AND AUTHORIZATION

3.4.2.6 Ensure nftables base chains exist - hook forwardCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.6 Ensure nftables base chains exist - hook inputCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.6 Ensure nftables base chains exist - hook outputCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.8 Ensure nftables outbound and established connections are configured - inputCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.8 Ensure nftables outbound and established connections are configured - outputCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.9 Ensure nftables default deny firewall policy - hook inputCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.11 Ensure nftables rules are permanent - forwardCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.11 Ensure nftables rules are permanent - inputCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure default deny firewall policy - forwardCIS SUSE Linux Enterprise Server 12 L1 v3.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure default deny firewall policy - outputCIS SUSE Linux Enterprise Server 12 L1 v3.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.1 Ensure IPv6 loopback traffic is configured - inputCIS SUSE Linux Enterprise Server 12 L1 v3.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2 Ensure IPv6 outbound and established connections are configuredCIS SUSE Linux Enterprise Server 12 L1 v3.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3 Ensure IPv6 firewall rules exist for all open portsCIS SUSE Linux Enterprise Server 12 L1 v3.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure that IP Security is availableCIS IBM AIX 7.2 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2 Ensure loopback traffic is blocked on external interfacesCIS IBM AIX 7.2 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2 Ensure that all Namespaces have Network Policies definedCIS Google Kubernetes Engine (GKE) v1.5.0 L2GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure that IPsec filters are activeCIS IBM AIX 7.2 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.21 Ensure SSH AllowTcpForwarding is disabledCIS Google Container-Optimized OS L2 Server v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure that the CNI in use supports Network PoliciesCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2 Ensure that all Namespaces have Network Policies definedCIS Kubernetes v1.24 Benchmark v1.0.0 L2 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2 Ensure that all Namespaces have Network Policies definedCIS Kubernetes v1.20 Benchmark v1.0.1 L2 MasterUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.6.2 Ensure use of VPC-native clustersCIS Google Kubernetes Engine (GKE) v1.5.0 L1GCP

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.21 Ensure that the host's UTS namespace is not sharedCIS Docker v1.6.0 L1 Docker LinuxUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2.3 Ensure that port groups are not configured to VLAN values reserved by upstream physical switchesCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION

7.5 Ensure that port groups are not configured to VLAN values reserved by upstream physical switchesCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION

7.9 Ensure that management plane traffic is separated from data plane trafficCIS Docker v1.6.0 L1 Docker SwarmUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

20.31 Ensure 'Host-based firewall is installed and enabled'CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION