Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.26 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - certCIS Kubernetes Benchmark v1.7.1 L1 MasterUnix
1.3.6 Ensure that the RotateKubeletServerCertificate argument is set to trueCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
1.7.2 Ensure 'TLS 1.2' is set for HTTPS accessCIS Cisco ASA 9.x Firewall L1 v1.0.0Cisco
1.7.3 Ensure 'SSL AES 256 encryption' is set for HTTPS accessCIS Cisco ASA 9.x Firewall L1 v1.0.0Cisco
1.11 Ensure system-wide crypto policy is FUTURE or FIPSCIS CentOS Linux 8 Server L2 v1.0.1Unix
2.1 Ensure that the --cert-file and --key-file arguments are set as appropriate - certCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
2.3 Ensure that the --auto-tls argument is not set to trueCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'CIS Microsoft Windows Server 2016 MS L1 v1.4.0Windows
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NGWindows
3.2.10 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - certCIS Google Kubernetes Engine (GKE) v1.3.0 L1 NodeUnix
3.2.11 Ensure that the --rotate-certificates argument is not set to falseCIS Google Kubernetes Engine (GKE) v1.3.0 L1 NodeUnix
3.2.12 Ensure that the RotateKubeletServerCertificate argument is set to trueCIS Google Kubernetes Engine (GKE) v1.3.0 L1 NodeUnix
3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured - ApplicationsCIS IIS 10 v1.2.0 Level 1Windows
4.2.9 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - keyCIS Kubernetes Benchmark v1.8.0 L1 WorkerUnix
4.2.10 Ensure that the --rotate-certificates argument is not set to falseCIS Kubernetes Benchmark v1.7.1 L1 WorkerUnix
5.1.13 Ensure only strong Ciphers are used - weak ciphersCIS Google Container-Optimized OS L1 Server v1.0.0Unix
5.2.14 Ensure system-wide crypto policy is not over-riddenCIS AlmaLinux OS 8 Server L1 v2.0.0Unix
5.3.13 Ensure only strong Ciphers are used - approved ciphersCIS CentOS 7 v3.1.1 Server L1Unix
5.3.13 Ensure only strong Ciphers are used - approved ciphersCIS CentOS 7 v3.1.2 Server L1Unix
5.3.13 Ensure only strong Ciphers are used - weak ciphersCIS CentOS 7 v3.1.1 Server L1Unix
5.3.15 Ensure only strong Key Exchange algorithms are used - approved algorithmsCIS CentOS 7 v3.1.1 Server L1Unix
5.3.15 Ensure only strong Key Exchange algorithms are used - approved algorithmsCIS CentOS 7 v3.1.2 Server L1Unix
5.3.15 Ensure only strong Key Exchange algorithms are used - weak algorithmsCIS Amazon Linux 2 v2.0.0 L1Unix
5.3.15 Ensure only strong Key Exchange algorithms are used - weak algorithmsCIS CentOS 7 v3.1.2 Workstation L1Unix
5.10 DB2AUTH Registry VariableCIS IBM DB2 11 v1.0.0 Windows OS Level 1Windows
5.10 DB2AUTH Registry VariableCIS IBM DB2 11 v1.0.0 Linux OS Level 2Unix
6.1 Ensure FTP requests are encrypted - Control Channel SitesCIS IIS 10 v1.2.0 Level 1Windows
6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to trueCIS Apache Tomcat 10 L1 v1.0.0Unix
6.4 Ensure secure is set to true only for SSL-enabled Connectors - verify secure is set to trueCIS Apache Tomcat 10 L1 v1.0.0Unix
6.4 Ensure secure is set to true only for SSL-enabled Connectors - verify secure is set to trueCIS Apache Tomcat 10 L1 v1.0.0 MiddlewareUnix
7.2 Ensure SSLv2 is DisabledCIS IIS 10 v1.2.0 Level 1Windows
7.5 Ensure TLS 1.1 is Disabled - EnabledCIS IIS 10 v1.2.0 Level 1Windows
7.7 Ensure NULL Cipher Suites is DisabledCIS IIS 10 v1.2.0 Level 1Windows
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 56/128CIS IIS 10 v1.2.0 Level 1Windows
8.1.2 Configure a Server-side Stash File for TLS (SSL_SVR_STASH)CIS IBM DB2 11 v1.0.0 Windows OS Level 2Windows
8.1.5 Configure a Secure TLS Version (SSL_VERSIONS)CIS IBM DB2 11 v1.0.0 Linux OS Level 2Unix
8.1.8 Configure a Client-side Key Store for TLS (SSL_CLNT_KEYDB)CIS IBM DB2 11 v1.0.0 Linux OS Level 2Unix
8.1.9 Configure a Client-side Stash File for TLS (SSL_CLNT_STASH)CIS IBM DB2 11 v1.0.0 Windows OS Level 1Windows
8.1.10 Enable TLS Communication Between HADR Primary and Standby Instances (HADR_SSL_LABEL)CIS IBM DB2 11 v1.0.0 Linux OS Level 2Unix
10.11 Force SSL for all applicationsCIS Apache Tomcat 10 L2 v1.0.0 MiddlewareUnix
18.9.98.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + BL + NGWindows
18.9.98.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + BL + NGWindows
18.9.102.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Intune for Windows 11 v1.0.0 L1 + BL + NGWindows
18.9.102.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - DisabledCIS Windows Server 2012 R2 MS L1 v2.6.0Windows
18.9.102.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Intune for Windows 11 v1.0.0 L1Windows
18.9.102.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - DisabledCIS Windows Server 2012 MS L1 v2.4.0Windows
18.9.102.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - DisabledCIS Microsoft Windows Server 2016 MS L1 v1.4.0Windows
18.9.102.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - DisabledCIS Microsoft Intune for Windows 10 v1.1.0 L1 + BLWindows
18.10.90.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BLWindows
18.10.90.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Intune for Windows 10 v2.0.0 L1 + NGWindows