Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Ensure that the API server pod specification file permissions are set to 600 or more restrictiveCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3.1 Ensure separate partition exists for /homeCIS Oracle Linux 8 Server L2 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.1 Ensure separate partition exists for /var/tmpCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.1 Ensure separate partition exists for /var/tmpCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.1 Ensure separate partition exists for /homeCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.1 Ensure separate partition exists for /homeCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.10 Ensure separate partition exists for /varCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.11 Ensure that the etcd data directory permissions are set to 700 or more restrictiveCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.1.13 Ensure that the kubeconfig file permissions are set to 600 or more restrictiveCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.1.20 Ensure removable media partitions include noexec optionCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.10 Ensure that the admission control plugin AlwaysAdmit is not setCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.2.11 Ensure that the admission control plugin AlwaysPullImages is not setCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.2.25 Ensure that the --service-account-lookup argument is set to trueCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.6.1.1 Ensure SELinux is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.7.5 Ensure permissions on /etc/motd are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.1 Ensure the file permissions mask is correctCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

2.1 Ensure the file permissions mask is correctCIS PostgreSQL 16 OS v1.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.2 Ensure that the --anonymous-auth argument is set to falseCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

4.2.4 Ensure permissions on all logfiles are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

4.5 Ensure Row Level Security (RLS) is configured correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized users - /etc/at.denyCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized users - /etc/at.denyCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS Red Hat EL8 Server L2 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.2 Ensure audit log files are mode 0640 or less permissiveCIS Oracle Linux 8 Server L2 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.2 Ensure audit log files are mode 0640 or less permissiveCIS Red Hat EL8 Server L2 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.3 Ensure only authorized users own audit log filesCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.5 Ensure audit configuration files are 640 or more restrictiveCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.6 Ensure audit configuration files are owned by rootCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.7 Ensure audit configuration files belong to group rootCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.9 Ensure audit tools are owned by rootCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.9 Ensure audit tools are owned by rootCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.10 Ensure audit tools belong to group rootCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.3 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.3 Ensure permissions on SSH public host key files are configuredCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.5.2 Ensure system accounts are secured - unlocked non-rootCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.7 Ensure access to the su command is restrictedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.2 Ensure permissions on /etc/passwd are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.3 Ensure permissions on /etc/passwd- are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.4 Ensure permissions on /etc/shadow are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.4 Ensure permissions on /etc/shadow are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.7 Ensure permissions on /etc/gshadow are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.8 Ensure permissions on /etc/group are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure permissions on /etc/group- are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zoneCIS Palo Alto Firewall 11 v1.1.0 L2Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

7.2 Ensure 'Service setting of ANY' in a security policy allowing traffic does not existCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL, MEDIA PROTECTION

9.9 Check Permissions on User Home DirectoriesCIS Oracle Solaris 11.4 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

DG0009: DBMS software library permissions - '/etc/profile umask < 022'DISA STIG Oracle 11 Installation v8r19 LinuxUnix

ACCESS CONTROL