Item Search

NameAudit NamePluginCategory
2.7 Lock Out Accounts if Not Currently in UseCIS MariaDB 10.6 Database L2 v1.1.0MySQLDB

ACCESS CONTROL

2.11 Lock Out Accounts if Not Currently in UseCIS MySQL 8.0 Community Database L2 v1.0.0MySQLDB

ACCESS CONTROL

2.13 Ensure the 'sa' Login Account is set to 'Disabled'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL

3.2.1 Ensure that the Anonymous Auth is Not Enabled DraftCIS Google Kubernetes Engine (GKE) v1.6.1 L1 NodeUnix

ACCESS CONTROL

3.3 Ensure 'Orphaned Users' are Dropped From SQL Server DatabasesCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL

4.4 Lock Out Accounts if Not Currently in UseCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL

4.4 Lock Out Accounts if Not Currently in UseCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

ACCESS CONTROL

5.1.5 Ensure that default service accounts are not actively used.CIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

5.1.5 Ensure that default service accounts are not actively used.CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.5 Ensure that default service accounts are not actively used.CIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.5 Ensure maxexpired is configuredCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 13.0 Ventura v2.1.0 L1Unix

ACCESS CONTROL

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.2.7 Ensure Password Age Is ConfiguredCIS Apple macOS 14.0 Sonoma v1.1.0 L1Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - useraddCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - useraddCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL

5.4.1.11 Ensure inactive password lock is 0 daysCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.4.2 maxexpiredCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

6.5 Remove Autologin Capabilities from the GNOME desktopCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL

7.1 Set Password Expiration Parameters on Active AccountsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL

7.1.1 Set Password Expiration Days - 1-90CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

18.2.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL

18.3.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

18.3.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

18.3.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

18.9.46.1 (L1) Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL

18.9.46.1 (L1) Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

ACCESS CONTROL

18.9.46.1 Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

18.10.42.1 (L1) Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MSWindows

ACCESS CONTROL

20.26 Ensure 'Emergency accounts must be automatically removed or disabled after the crisis is resolved or within 72 hours'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

20.26 Ensure 'Emergency accounts must be automatically removed or disabled after the crisis is resolved or within 72 hours'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.35 Ensure 'Manually managed application account passwords be changed at least annually or when a system administrator with knowledge of the password leaves the organization'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

20.35 Ensure 'Manually managed application account passwords be changed at least annually or when a system administrator with knowledge of the password leaves the organization'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.44 Ensure 'Orphaned security identifiers (SIDs) must be removed from user rights'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

20.45 Ensure 'Outdated or unused accounts are removed or disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

20.45 Ensure 'Outdated or unused accounts are removed or disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

ACCESS CONTROL

20.45 Ensure 'Outdated or unused accounts are removed or disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.45 Ensure 'Outdated or unused accounts are removed or disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.46 Ensure 'Passwords are configured to expire'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.46 Ensure 'Passwords are configured to expire'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

CIS Control 16 (16.8(a)) Disable Any Unassociated AccountsCAS Implementation Group 1 Audit FileUnix

ACCESS CONTROL

Salesforce.com : User Access - 'No new users have been created since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL