1.2 Ensure 'Host headers' are on all sites | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
1.4 Ensure Service Runlevel Is Registered And Set Correctly | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
1.4 Ensure systemd Service Files Are Enabled | CIS PostgreSQL 10 OS v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
1.14 Ensure API Keys Are Restricted to Only APIs That Application Needs Access | CIS Google Cloud Platform v3.0.0 L2 | GCP | PLANNING, SYSTEM AND SERVICES ACQUISITION |
2.4 Ensure 'forms authentication' is set to use cookies - Application | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
2.4 Ensure 'forms authentication' is set to use cookies - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
2.6 Ensure aufs storage driver is not used | CIS Docker v1.6.0 L1 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
2.9 Enable user namespace support - /etc/subgid | CIS Docker v1.6.0 L2 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
2.9 Enable user namespace support - /etc/subuid | CIS Docker v1.6.0 L2 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
2.9 Enable user namespace support - SecurityOptions | CIS Docker v1.6.0 L2 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
2.9 Ensure MySQL is Bound to an IP Address | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
2.10 Ensure the default cgroup usage has been confirmed - daemon.json | CIS Docker v1.6.0 L2 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
2.10 Ensure the default cgroup usage has been confirmed - dockerd | CIS Docker v1.6.0 L2 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
2.17 Ensure that a daemon-wide custom seccomp profile is applied if appropriate | CIS Docker v1.6.0 L2 Docker Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
3.1 Ensure 'deployment method retail' is set | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.2 Ensure 'debug' is turned off - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.2 Ensure 'debug' is turned off - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.3 Ensure custom error messages are not off - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.3 Ensure custom error messages are not off - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.5 Ensure ASP.NET stack tracing is not enabled - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.5 Ensure ASP.NET stack tracing is not enabled - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.6 Ensure 'httpcookie' mode is configured for session state - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.6 Ensure 'httpcookie' mode is configured for session state - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.7 Ensure 'cookies' are set with HttpOnly attribute - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
3.7 Ensure 'cookies' are set with HttpOnly attribute - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.1 Ensure 'maxAllowedContentLength' is configured - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.1 Ensure 'maxAllowedContentLength' is configured - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.2 Ensure 'maxURL request filter' is configured - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.2 Ensure 'maxURL request filter' is configured - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - %WINDIR%\my.cnf | CIS MySQL 5.6 Community Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.6 Community Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - MYSQL_INSTALL\my.ini | CIS MySQL 5.6 Community Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - SYSCONFDIR/my.cnf | CIS MySQL 5.6 Community Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - SYSCONFDIR/my.cnf passed | CIS MySQL 5.6 Community Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'MaxQueryString request filter' is configured - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure 'MaxQueryString request filter' is configured - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.4 Ensure non-ASCII characters in URLs are not allowed - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.4 Ensure non-ASCII characters in URLs are not allowed - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.6 Ensure 'HTTP Trace Method' is disabled - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.6 Ensure 'HTTP Trace Method' is disabled - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.7 Ensure Unlisted File Extensions are not allowed - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.7 Ensure Unlisted File Extensions are not allowed - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.9 Ensure 'notListedIsapisAllowed' is set to false | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
4.10 Ensure 'notListedCgisAllowed' is set to false | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | SYSTEM AND SERVICES ACQUISITION |
6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | SYSTEM AND SERVICES ACQUISITION |
6.4 Ensure 'SIGHUP' Runtime Parameters are Configured | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | SYSTEM AND SERVICES ACQUISITION |
7.4 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - '@@global.sql_mode' | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |