Item Search

NameAudit NamePluginCategory
1.1 Place Databases on Non-System PartitionsCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.6 Community Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.6 Community Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.7 Community Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1 Place Databases on Non-System PartitionsCIS MySQL 8.0 Enterprise Linux OS L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.1 Ensure a separate partition for containers has been createdCIS Docker v1.3.1 L1 Linux Host OSUnix

SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Ensure MySQL is Run Under a Sandbox EnvironmentCIS MySQL 8.0 Enterprise Linux OS L2 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Ensure appropriate DefaultDS is enabledRedhat JBoss EAP 5.xUnix

SYSTEM AND COMMUNICATIONS PROTECTION

1.12 Ensure HSQLDB Security Domain is removed - 'HsqlDbRealm = false'Redhat JBoss EAP 5.xUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.7 Community Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.6 Community Linux OS L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.6 Community Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Dedicate the Machine Running MySQLCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Dedicate the Machine Running MySQLCIS MySQL 8.0 Enterprise Linux OS L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.2 Minimize access to secretsCIS RedHat OpenShift Container Platform 4 v1.2.0 L1OpenShift

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.3 Minimize the admission of containers wishing to share the host IPC namespaceCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.4 Minimize the admission of containers wishing to share the host IPC namespaceCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.4 Minimize the admission of containers wishing to share the host IPC namespaceCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.4 Minimize the admission of containers wishing to share the host network namespaceCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.4 Minimize the admission of containers wishing to share the host network namespaceCIS RedHat OpenShift Container Platform 4 v1.2.0 L1OpenShift

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.5 Minimize the admission of containers wishing to share the host network namespaceCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.5 Minimize the admission of containers wishing to share the host network namespaceCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.4.2 Consider external secret storageCIS RedHat OpenShift Container Platform 4 v1.2.0 L2OpenShift

SYSTEM AND COMMUNICATIONS PROTECTION

5.10 Ensure that the memory usage for containers is limitedCIS Docker v1.3.1 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.11 Ensure that CPU priority is set appropriately on containersCIS Docker v1.3.1 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.15 Ensure that the host's process namespace is not sharedCIS Docker v1.3.1 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.16 Ensure that the host's IPC namespace is not sharedCIS Docker v1.3.1 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.17 Do not directly expose host devices to containersCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.17 Do not directly expose host devices to containersCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.17 Do not directly expose host devices to containersCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.17 Ensure host devices are not directly exposed to containersCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.18 Ensure that the default ulimit is overwritten at runtime if neededCIS Docker v1.3.1 L1 Docker LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure that container sprawl is avoidedCIS Docker v1.3.1 L1 Linux Host OSUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Ensure storage area network (SAN) resources are segregated properlyCIS VMware ESXi 6.7 v1.2.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Ensure storage area network (SAN) resources are segregated properlyCIS VMware ESXi 7.0 v1.1.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Mask and zone SAN resources appropriatelyCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

8.7.3 Do not send host information to guestsCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

8.7.3 Do not send host information to guestsCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

8.7.3 Ensure host information is not sent to guestsCIS VMware ESXi 6.5 v1.0.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

VM : restrict-host-infoVMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

VM : restrict-host-infoVMWare vSphere 6.5 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

VM : restrict-host-infoVMWare vSphere 5.X Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION