Item Search

NameAudit NamePluginCategory
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.5 Ensure Interactive Login is DisabledCIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0Unix

ACCESS CONTROL

1.5 Ensure Interactive Login is DisabledCIS MySQL 5.7 Enterprise Linux OS L2 v2.0.0Unix

ACCESS CONTROL

2.2.1 Ensure that NGINX is run using a non-privileged, dedicated service accountCIS NGINX Benchmark v2.1.0 L1 WebserverUnix

ACCESS CONTROL

2.2.2 Ensure administrator password retries and lockout time are configuredCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL

3.1 Ensure least privilege for database accountsCIS MongoDB 6 L1 DB v1.1.0MongoDB

ACCESS CONTROL

3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privilegesCIS MongoDB 5 L1 DB v1.2.0MongoDB

ACCESS CONTROL

4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Oracle Linux 8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat EL8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.3.4 Ensure users must provide password for escalationCIS Oracle Linux 8 Server L2 v3.0.0Unix

ACCESS CONTROL

4.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

5.1.1 Ensure that the cluster-admin role is only used where requiredCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2 Ensure 'FILE' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L2 v1.0.0MySQLDB

ACCESS CONTROL

5.3.4 Ensure users must provide password for escalationCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL

5.4 Ensure 'SUPER' is Not Granted to Non-Administrative UsersCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.4 Ensure 'SUPER' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL

5.4 Ensure root login is restricted to system consoleCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL

5.5 Ensure the 'root' Account Is DisabledCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL

5.5 Ensure the 'root' Account Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

ACCESS CONTROL

5.6 Ensure 'CREATE USER' is Not Granted to Non-Administrative UsersCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL

5.6 Ensure 'CREATE USER' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL

5.6 Ensure the 'root' Account Is DisabledCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL

5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative UsersCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL

9.4 Ensure 'super_priv' Is Not Set to 'Y' for Replication UsersCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL

9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication UsersCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL

18.4.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' (MS only)CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

18.10.81.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

19.7.40.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

ACCESS CONTROL