Item Search

NameAudit NamePluginCategory
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.12 Ensure that no users have ACCOUNTADMIN or SECURITYADMIN as the default roleCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

1.13 Ensure that the ACCOUNTADMIN or SECURITYADMIN role is not granted to any custom roleCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

1.14 Ensure that Snowflake tasks are not owned by the ACCOUNTADMIN or SECURITYADMIN rolesCIS Snowflake Foundations v1.0.0 L1Snowflake

ACCESS CONTROL

2.1.2 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON'CIS Oracle Server 19c Linux v1.2.0Unix

ACCESS CONTROL

2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabledCIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL

2.8 Ensure that security policies restrict User-ID Agent traffic from crossing into untrusted zonesCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

ACCESS CONTROL

3.6 Ensure the SQL Server's SQLAgent Service Account is Not an AdministratorCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.4.0 L1 AWS RDSMS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS SQL Server 2016 Database L1 OS v1.4.0Windows

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 OS v1.3.0Windows

ACCESS CONTROL

3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in AccountsCIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat EL8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.4 Ensure users must provide password for privilege escalationCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

ACCESS CONTROL

4.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.6 Ensure the set_user extension is installedCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

4.6 Ensure the set_user extension is installedCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

5.1.1 Ensure that the cluster-admin role is only used where requiredCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for escalationCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for privilege escalationCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 ServerUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for privilege escalationCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.10 Ensure SSH root login is disabledCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL

5.6 Adding authorised users in cron.allowCIS IBM AIX 7.1 L1 v2.1.0Unix

ACCESS CONTROL

5.6 Ensure 'CREATE USER' is Not Granted to Non-Administrative UsersCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

7.2 Ensure logging of replication commands is configuredCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

18.10.81.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MSWindows

ACCESS CONTROL

19.7.40.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

ACCESS CONTROL

19.7.43.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

19.7.43.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL