1.1.21 Ensure sticky bit is set on all world-writable directories | CIS Red Hat EL8 Server L1 v1.0.0 | Unix | ACCESS CONTROL |
1.2.7 Reduce the sudo timeout period | CIS Apple OSX 10.6 Snow Leopard L2 v1.0.0 | Unix | ACCESS CONTROL |
1.3.1 Ensure sudo is installed | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | ACCESS CONTROL |
1.3.4 Restrict sudo users to being able to access only required commands | CIS Apple OSX 10.6 Snow Leopard L2 v1.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS Amazon Linux v2.1.0 L2 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS Red Hat 6 Server L2 v2.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS SUSE Linux Enterprise Server 12 L2 v2.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file' | CIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file' | CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | ACCESS CONTROL |
1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0 | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.2.2 Ensure all AppArmor Profiles are enforcing - processes unconfined | CIS SUSE Linux Enterprise Server 12 L2 v2.1.0 | Unix | ACCESS CONTROL |
1.6.2.2 Ensure all AppArmor Profiles are enforcing - profiles loaded | CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0 | Unix | ACCESS CONTROL |
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - config | CIS Oracle Linux 7 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
2.6 Ensure AutoScaling Group Launch Configuration for App Tier is configured to use an App-Tier IAM Role | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | ACCESS CONTROL |
2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t dom info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
2.13.2 - PCM - enhanced RBAC (AIX 6.1 only) - 'lskst -t role info' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
3.04 Oracle account .profile file - 'Unix systems umask 022' | CIS Oracle 9/10 OS Audit L1 v2.01 | Unix | ACCESS CONTROL |
4.5 Activate AppArmor - profiles are loaded | CIS Debian Linux 7 L2 v1.0.0 | Unix | ACCESS CONTROL |
5.1 Verify AppArmor | CIS Docker 1.11.0 v1.0.0 L2 Docker | Unix | ACCESS CONTROL |
5.1 Verify AppArmor | CIS Docker 1.6 v1.0.0 L2 Docker | Unix | ACCESS CONTROL |
5.3 Reduce the sudo timeout period | CIS Apple macOS 10.12 L1 v1.1.0 | Unix | ACCESS CONTROL |
5.3 Reduce the sudo timeout period | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
6.4 Ensure system device files are labeled - unlabeled_t | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
13. OpenStack Compute - Policy.json - 'compute_extension:quotas:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
14. OpenStack Compute - Policy.json - 'compute_extension:migrations:index' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
17. OpenStack Compute - Policy.json - 'os_compute_api:os-personality:discoverable' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
20.47 Ensure 'Permissions for program file directories must conform to minimum requirements' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
20.51 Ensure 'Permissions for the Windows installation directory conform to minimum requirements' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
20.52 Ensure 'Permissions for the Windows installation directory conform to minimum requirements' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
20.52 Ensure 'Permissions for the Windows installation directory conform to minimum requirements' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
22. OpenStack Compute - Policy.json - 'compute_extension:cells:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
23. OpenStack Compute - Policy.json - 'context_is_admin' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
24. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
37. OpenStack Compute - Policy.json - 'compute_extension:flavorextraspecs:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
39. OpenStack Compute - Policy.json - 'os_compute_api:os-instance-actions:events' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
45. OpenStack Compute - Policy.json - 'os_compute_api:os-admin-actions:inject_network_info' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
46. OpenStack Compute - Policy.json - 'os_compute_api:os-services' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
62. OpenStack Compute - Policy.json - 'os_compute_api:os-migrations:index' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
63. OpenStack Compute - Policy.json - 'os_compute_api:os-pause-server:unpause' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
116. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
118. OpenStack Compute - Policy.json - 'os_compute_api:os-flavor-access:add_tenant_access' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
121. OpenStack Compute - Policy.json - 'network:attach_external_network' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
125. OpenStack Compute - Policy.json - 'compute:unlock_override' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
128. OpenStack Compute - Policy.json - 'compute_extension:flavorextraspecs:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
135. OpenStack Compute - Policy.json - 'compute_extension:instance_actions:events' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
137. OpenStack Compute - Policy.json - 'compute_extension:flavorextraspecs:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
IBM i : Allow User Domain Objects (QALWUSRDMN) - '*ALL' | IBM System i Security Reference for V7R2 | AS/400 | ACCESS CONTROL |
PCI 2.2.4 - Verify that common security parameter settings are included - 'default umask = 27' | PCI DSS 2.0/3.0 - AIX | Unix | ACCESS CONTROL |