Item Search

Name	Audit Name	Plugin	Category
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Red Hat EL8 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Red Hat EL8 Server L1 v1.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing	CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 6 Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS Amazon Linux v2.1.0 L2	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS Red Hat 6 Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS SUSE Linux Enterprise Server 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured	CIS CentOS 6 Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'	CIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'	CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'	CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	ACCESS CONTROL
1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - processes unconfined	CIS SUSE Linux Enterprise Server 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - profiles loaded	CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0	Unix	ACCESS CONTROL
1.7.1.1 Ensure AppArmor is installed	CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 7 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 7 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive	CIS Oracle Linux 7 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - config	CIS Oracle Linux 7 Server L1 v3.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - config	CIS Oracle Linux 7 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
2.1 Ensure IAM Policy for EC2 IAM Roles for Web tier is configured	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
2.2 Ensure IAM Policy for EC2 IAM Roles for App tier is configured	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'named_disable_trans'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'named_write_master_zones'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.4.2 Restrict BIND Access with SELinux 'SELINUX'	CIS ISC BIND 9.0/9.5 v2.0.0	Unix	ACCESS CONTROL
2.210 - The system must enable SELinux.	Tenable Fedora Linux Best Practices v2.0.0	Unix	ACCESS CONTROL
2.900 - All system device files must be correctly labeled to prevent unauthorized modification - unlabeled_t	Tenable Fedora Linux Best Practices v2.0.0	Unix	ACCESS CONTROL
3.4.3.8 Ensure nftables rules are permanent	CIS Red Hat EL8 Server L1 v1.0.0	Unix	ACCESS CONTROL
3.4.3.8 Ensure nftables rules are permanent	CIS Red Hat EL8 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - 'Profiles are loaded' - Review	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - apparmor=1	CIS Debian Linux 7 L2 v1.0.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - security=apparmor	CIS Debian Linux 7 L2 v1.0.0	Unix	ACCESS CONTROL
4.5 Activate AppArmor - profiles are loaded	CIS Debian Linux 7 L2 v1.0.0	Unix	ACCESS CONTROL
5.1 Do not disable AppArmor	CIS Docker 1.12.0 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.1 Verify AppArmor	CIS Docker 1.11.0 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.1 Verify AppArmor	CIS Docker 1.6 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.2 Verify SELinux security options, if applicable	CIS Docker 1.12.0 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.2 Verify SELinux security options, if applicable (Scored)	CIS Docker 1.6 v1.0.0 L2 Docker	Unix	ACCESS CONTROL
5.5 NFS - 'nfs.v4.acl.enable = on'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
12 - Restrict BIND Access with SELinux - named_disable_trans	BIND - TNS BIND Best Practices Audit v1.0.0	Unix	ACCESS CONTROL
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL'	IBM System i Security Reference for V7R3	AS/400	ACCESS CONTROL
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL'	IBM System i Security Reference for V7R2	AS/400	ACCESS CONTROL
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL'	IBM System i Security Reference for V7R1 and V6R1	AS/400	ACCESS CONTROL
PCI 7.1 Limit access to system components and cardholder data to only those individuals whose job requires such access -SELINUXTYPE=targeted	PCI DSS 2.0/3.0 - Red Hat Linux	Unix	ACCESS CONTROL
PCI 7.1 Limit access to system components and cardholder data to only those individuals whose job requires such access -sestatus	PCI DSS 2.0/3.0 - Red Hat Linux	Unix	ACCESS CONTROL

Detections

Analytics

Item Search