Item Search

NameAudit NamePluginCategory
1.2 Ensure 'Host headers' are on all sitesCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure Service Runlevel Is Registered And Set CorrectlyCIS PostgreSQL 9.5 OS v1.1.0Unix

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure systemd Service Files Are EnabledCIS PostgreSQL 10 OS v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

1.14 Ensure API Keys Are Restricted to Only APIs That Application Needs AccessCIS Google Cloud Platform v3.0.0 L2GCP

PLANNING, SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - ApplicationCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.6 Ensure aufs storage driver is not usedCIS Docker v1.6.0 L1 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Enable user namespace support - /etc/subgidCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Enable user namespace support - /etc/subuidCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Enable user namespace support - SecurityOptionsCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.9 Ensure MySQL is Bound to an IP AddressCIS MySQL 5.6 Enterprise Database L2 v2.0.0MySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION

2.10 Ensure the default cgroup usage has been confirmed - daemon.jsonCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.10 Ensure the default cgroup usage has been confirmed - dockerdCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

2.17 Ensure that a daemon-wide custom seccomp profile is applied if appropriateCIS Docker v1.6.0 L2 Docker LinuxUnix

SYSTEM AND SERVICES ACQUISITION

3.1 Ensure 'deployment method retail' is setCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabled - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabled - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.6 Ensure 'httpcookie' mode is configured for session state - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.6 Ensure 'httpcookie' mode is configured for session state - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.7 Ensure 'cookies' are set with HttpOnly attribute - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.7 Ensure 'cookies' are set with HttpOnly attribute - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.1 Ensure 'maxAllowedContentLength' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.1 Ensure 'maxAllowedContentLength' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'maxURL request filter' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.2 Ensure 'maxURL request filter' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - %WINDIR%\my.cnfCIS MySQL 5.6 Community Windows OS L2 v2.0.0Windows

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - MYSQL_INSTALL\my.cnfCIS MySQL 5.6 Community Windows OS L2 v2.0.0Windows

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - MYSQL_INSTALL\my.iniCIS MySQL 5.6 Community Windows OS L2 v2.0.0Windows

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - SYSCONFDIR/my.cnfCIS MySQL 5.6 Community Linux OS L2 v2.0.0Unix

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - SYSCONFDIR/my.cnf passedCIS MySQL 5.6 Community Linux OS L2 v2.0.0Unix

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'MaxQueryString request filter' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.3 Ensure 'MaxQueryString request filter' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.4 Ensure non-ASCII characters in URLs are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.4 Ensure non-ASCII characters in URLs are not allowed - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.6 Ensure 'HTTP Trace Method' is disabled - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.6 Ensure 'HTTP Trace Method' is disabled - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.7 Ensure Unlisted File Extensions are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.7 Ensure Unlisted File Extensions are not allowed - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.9 Ensure 'notListedIsapisAllowed' is set to falseCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.10 Ensure 'notListedCgisAllowed' is set to falseCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

6.3 Ensure 'Postmaster' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.3 Ensure 'Postmaster' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

7.4 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - '@@global.sql_mode'CIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

PLANNING, SYSTEM AND SERVICES ACQUISITION