Item Search

NameAudit NamePluginCategory
1.1.1 Ensure that the --allow-privileged argument is set to falseCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

ACCESS CONTROL

1.1.7 Set 'aaa accounting' to log all privileged use commands using 'commands 15'CIS Cisco IOS 16 L2 v1.1.2Cisco

CONFIGURATION MANAGEMENT

1.3.3 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwordsCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.3 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwordsCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.4 Ensure 'Required Password Change Period' is less than or equal to 90 daysCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.5 Ensure 'Password Profiles' do not existCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.6 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.7 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.8 Ensure 'Minimum Numeric Letters' is greater than or equal to 1CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.10 Ensure 'Password Profiles' do not existCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL

1.6.4 Ensure that the seccomp profile is set to docker/default in your pod definitionsCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix
1.6.4 Ensure that the seccomp profile is set to docker/default in your pod definitionsCIS Kubernetes 1.11 Benchmark v1.3.0 L2Unix
1.6.5 Ensure that the seccomp profile is set to docker/default in your pod definitionsCIS Kubernetes 1.7.0 Benchmark v1.1.0 L2Unix
1.6.5 Ensure that the seccomp profile is set to docker/default in your pod definitionsCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - clusterrolebindingCIS Kubernetes 1.11 Benchmark v1.3.0 L2Unix

CONFIGURATION MANAGEMENT

1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - clusterrolebindingCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - pspCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - pspCIS Kubernetes 1.11 Benchmark v1.3.0 L2Unix

CONFIGURATION MANAGEMENT

1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - rolebindingCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - rolebindingCIS Kubernetes 1.11 Benchmark v1.3.0 L2Unix

CONFIGURATION MANAGEMENT

1.6.9 Place compensating controls in the form of PSP and RBAC for privileged containers usage - clusterrolebindingCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix

CONFIGURATION MANAGEMENT

1.6.9 Place compensating controls in the form of PSP and RBAC for privileged containers usage - pspCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix

CONFIGURATION MANAGEMENT

1.6.9 Place compensating controls in the form of PSP and RBAC for privileged containers usage - rolebindingCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix

CONFIGURATION MANAGEMENT

1.9 Ensure 'Developer Options' is set to 'Disabled'MobileIron - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

1.11 Do not root your deviceAirWatch - CIS Google Android v1.3.0 L1MDM
1.11 Do not root your deviceMobileIron - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

2.3 Ensure Docker is allowed to make changes to iptablesCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL

2.18 Ensure containers are restricted from acquiring new privilegesCIS Docker Community Edition v1.1.0 L1 DockerUnix

ACCESS CONTROL

3.5 Ensure the Group Is Set Correctly on Apache Directories and FilesCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

3.5 Ensure the Group Is Set Correctly on Apache Directories and FilesCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

3.5 Ensure the Group Is Set Correctly on Apache Directories and FilesCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

5.4.3 Ensure default group for the root account is GID 0CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

5.4.3 Ensure default group for the root account is GID 0CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.3 Ensure default group for the root account is GID 0CIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

5.5.3 Ensure default group for the root account is GID 0CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.5.3 Ensure default group for the root account is GID 0CIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

5.7.2 Ensure that the seccomp profile is set to docker/default in your pod definitionsCIS Kubernetes Benchmark v1.6.1 L2 MasterUnix
5.23 Ensure docker exec commands are not used with user optionCIS Docker Community Edition v1.1.0 L2 DockerUnix
5.25 Ensure the container is restricted from acquiring additional privilegesCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure that the minimum number of manager nodes have been created in a swarmCIS Docker v1.3.1 L1 Docker LinuxUnix

CONFIGURATION MANAGEMENT

7.2 Ensure the minimum number of manager nodes have been created in a swarmCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

18.8.28.1 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.0 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

Do not display network selection UIMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Do not display network selection UIMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Do not display network selection UIMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Do not display network selection UIMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Do not display network selection UIMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Ensure default group for the root account is GID 0Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL