Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.6 Apply Security Context to Your Pods and ContainersCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
1.3.6 Apply Security Context to Your Pods and ContainersCIS Kubernetes 1.7.0 Benchmark v1.1.0 L2Unix
1.6.6 Apply Security Context to Your Pods and ContainersCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
1.6.6 Apply Security Context to Your Pods and ContainersCIS Kubernetes 1.7.0 Benchmark v1.1.0 L2Unix
1.8.7.2.1.3 Ensure 'Word 6.0 Binary Documents and Templates' is set to Enabled (Open/Save blocked, use open policy)CIS Microsoft Office Word 2016 v1.1.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.28 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' - LOCAL SERVICE, NETWORK SERVICECIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.2.28 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' - LOCAL SERVICE, NETWORK SERVICECIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.7 Ensure 'passwordFormat' is not set to clearCIS IIS 8.0 v1.5.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure 'passwordFormat' is not set to clear - ApplicationsCIS IIS 7 L1 v1.8.0Windows

IDENTIFICATION AND AUTHENTICATION

4.6.3 Apply Security Context to Pods and ContainersCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2GCP

CONFIGURATION MANAGEMENT

4.6.3 Apply Security Context to Pods and ContainersCIS Google Kubernetes Engine (GKE) v1.7.0 L2GCP

CONFIGURATION MANAGEMENT

5.2 Ensure Advanced IIS logging is enabledCIS IIS 7 L1 v1.8.0Windows

AUDIT AND ACCOUNTABILITY

5.3 Ensure 'ETW Logging' is enabledCIS IIS 10 v1.2.1 Level 1Windows

AUDIT AND ACCOUNTABILITY

5.7.3 Apply Security Context to Your Pods and ContainersCIS Kubernetes v1.24 Benchmark v1.0.0 L2 MasterUnix

CONFIGURATION MANAGEMENT

5.7.3 Apply Security Context to Your Pods and ContainersCIS Kubernetes v1.10.0 L2 MasterUnix

CONFIGURATION MANAGEMENT

7.6 Ensure TLS 1.1 is enabledCIS IIS 7 L1 v1.8.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

20.13 (L1) Ensure 'Web browser is supported and secured'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : audit-exception-usersVMWare vSphere 6.5 Hardening GuideVMware

ACCESS CONTROL

ESXi : config-ntpVMWare vSphere 6.0 Hardening GuideVMware

AUDIT AND ACCOUNTABILITY

ESXi : enable-strict-lockdown-modeVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

IIST-SI-000217 - The IIS 10.0 website must have Web Distributed Authoring and Versioning (WebDAV) disabled.DISA IIS 10.0 Site v2r10Windows

CONFIGURATION MANAGEMENT

IIST-SI-000223 - The IIS 10.0 website must generate unique session identifiers that cannot be reliably reproduced.DISA IIS 10.0 Site v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SI-000234 - Debugging and trace information used to diagnose the IIS 10.0 website must be disabled.DISA IIS 10.0 Site v2r10Windows

SYSTEM AND INFORMATION INTEGRITY

IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events.DISA IIS 10.0 Server v2r10Windows

AUDIT AND ACCOUNTABILITY

IIST-SV-000119 - The IIS 10.0 web server must not be both a website server and a proxy server.DISA IIS 10.0 Server v2r10Windows

CONFIGURATION MANAGEMENT

IIST-SV-000119 - The IIS 10.0 web server must not be both a website server and a proxy server.DISA IIS 10.0 Server v3r2Windows

CONFIGURATION MANAGEMENT

IIST-SV-000158 - Unspecified file extensions on a production IIS 10.0 web server must be removed.DISA IIS 10.0 Server v2r10Windows

CONFIGURATION MANAGEMENT

IISW-SI-000203 - A private IIS 8.5 website must only accept Secure Socket Layer connections.DISA IIS 8.5 Site v2r9Windows

ACCESS CONTROL

IISW-SI-000204 - A public IIS 8.5 website must only accept Secure Socket Layer connections when authentication is required.DISA IIS 8.5 Site v2r9Windows

ACCESS CONTROL

IISW-SI-000223 - The IIS 8.5 website must generate unique session identifiers that cannot be reliably reproduced.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000234 - Debugging and trace information used to diagnose the IIS 8.5 website must be disabled.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND INFORMATION INTEGRITY

IISW-SV-000134 - The IIS 8.5 web server must use cookies to track session state.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000158 - Unspecified file extensions on a production IIS 8.5 web server must be removed.DISA IIS 8.5 Server v2r7Windows

CONFIGURATION MANAGEMENT

VM : disable-console-gui-optionsVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-autologonVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

VM : disable-unexposed-features-biosbbsVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-getcredsVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-memsfssVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-shellactionVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-versiongetVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-versionsetVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-vix-messagesVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-VMtools-autoinstallVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disconnect-devices-floppyVMWare vSphere 6.0 Hardening GuideVMware

MEDIA PROTECTION

VM : prevent-device-interaction-connectVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

vNetwork : reject-forged-transmit - 'vSwitch'VMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

vNetwork : reject-mac-changes-dvportgroupVMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

vNetwork : restrict-port-level-overridesVMWare vSphere 6.0 Hardening GuideVMware