Item Search

NameAudit NamePluginCategory
1.1.1 (L1) Ensure 'Enforce password history' is set to '24 or more password(s)'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)'CIS Windows Server 2012 DC L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - lifetimeCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.3.4 Ensure that the --service-account-private-key-file argument is set as appropriateCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION

1.4.3 Ensure authentication required for single user modeCIS Debian 10 Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

1.4.4 Set password length for local credentialsCIS Cisco NX-OS L1 v1.1.0Cisco

IDENTIFICATION AND AUTHENTICATION

2.1.14 Ensure that the RotateKubeletClientCertificate argument is set to trueCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.1.14 Ensure that the RotateKubeletServerCertificate argument is set to trueCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.1.15 Ensure that the RotateKubeletServerCertificate argument is set to trueCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.2.1 Ensure 'Password Policy' is enabledCIS Fortigate 7.0.x v1.3.0 L1FortiGate

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 (L1) Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 (L1) Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.6 Ensure that the --peer-auto-tls argument is not set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION

2.6 Ensure that the --peer-auto-tls argument is not set to trueCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION

2.11.1 Ensure Users' Accounts Do Not Have a Password HintCIS Apple macOS 13.0 Ventura v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.11.1 Ensure Users' Accounts Do Not Have a Password HintCIS Apple macOS 14.0 Sonoma v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.2.6 Ensure SSH PAM is enabledCIS Debian 10 Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

4.2.9 Ensure SSH PermitEmptyPasswords is disabledCIS Debian 10 Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

4.2.11 Ensure sshd IgnoreRhosts is enabledCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

4.4.1 Ensure password creation requirements are configuredCIS Debian 10 Workstation L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.2.6 Ensure password maximum sequential characters is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

4.4.2.3.3 Ensure password history is enforced for the root userCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

4.5.1.4 Ensure inactive password lock is 30 days or lessCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.2.4 Ensure Complex Password Must Contain Numeric Character Is ConfiguredCIS Apple macOS 12.0 Monterey v3.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure Complex Password Must Contain Special Character Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is ConfiguredCIS Apple macOS 12.0 Monterey v3.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is ConfiguredCIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is ConfiguredCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is ConfiguredCIS Apple macOS 14.0 Sonoma v1.1.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.3.1 Ensure password creation requirements are configured - minlenCIS Debian Family Workstation L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.1.2 Ensure minimum days between password changes is 7 or moreCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.1.3 Ensure password expiration warning days is 7 or moreCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - login.defsCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - usersCIS Debian Family Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.2 Ensure minimum days between password changes is configured - usersCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.3 Ensure password expiration warning days is 7 or more - login.defsCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.3 Ensure password expiration warning days is 7 or more - login.defsCIS Debian Family Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.5 Ensure all users last password change date is in the pastCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.5 Ensure all users last password change date is in the pastCIS Debian Family Workstation L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Debian Family Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Debian Family Workstation L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.1 Ensure password fields are not emptyCIS Debian 9 Server L1 v1.0.1Unix

IDENTIFICATION AND AUTHENTICATION

7.6 Ensure that the swarm manager auto-lock key is rotated periodicallyCIS Docker v1.6.0 L1 Docker SwarmUnix

IDENTIFICATION AND AUTHENTICATION

7.8 Ensure that CA certificates are rotated as appropriateCIS Docker v1.6.0 L1 Docker SwarmUnix

IDENTIFICATION AND AUTHENTICATION

8.2.6 Create a Strong PasswordCIS IBM DB2 11 v1.1.0 Database Level 2IBM_DB2DB

IDENTIFICATION AND AUTHENTICATION

18.3.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only)CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

18.3.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION