Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.10.6 Ensure 'logging history severity level' is set to greater than or equal to '5'CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AUDIT AND ACCOUNTABILITY

2.11 Java 6 is not the default Java runtimeCIS Apple OSX 10.9 L2 v1.3.0Unix

CONFIGURATION MANAGEMENT

2.26 Ensure fewer than 5 users have global administrator assignmentCIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

ACCESS CONTROL

3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'CIS Oracle Server 11g R2 DB v2.2.0OracleDB
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/insmodCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/modprobeCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/rmmodCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmodCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobeCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmodCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmodCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl rmmodCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - insmodCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - insmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - modprobeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - rmmodCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.8 Ensure Billing Alerts are enabled for increments of X spendCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws
4.8.3 Ensure loginretries is configuredCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL

5.1.1 Ensure Home Folders Are SecureCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1 Configure account lockout thresholdCIS Apple macOS 10.13 L1 v1.1.0Unix

ACCESS CONTROL

5.2.1 Ensure Password Account Lockout Threshold Is ConfiguredCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL

5.3.2.1.1 Ensure password failed attempts lockout is configuredCIS SUSE Linux Enterprise 15 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.2.1.1 Ensure password failed attempts lockout is configuredCIS SUSE Linux Enterprise 15 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.12 Ensure password prohibited reuse is at a minumum '5'CIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001003 - The BIND 9.x server software must run with restricted privileges.DISA BIND 9.x STIG v2r3Unix

CONFIGURATION MANAGEMENT

CASA-ND-000690 - The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.DISA STIG Cisco ASA NDM v2r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.DISA STIG Cisco IOS Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

Console inactivity timerArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

ACCESS CONTROL

DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmoMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmoMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-017 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to deny access to the file if scanning fails.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

SYSTEM AND INFORMATION INTEGRITY

Login: Idle connections time out after 5 minutes or lessTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLEngineDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OL6-00-000290 - X Windows must not be enabled unless required.DISA STIG Oracle Linux 6 v2r7Unix

CONFIGURATION MANAGEMENT

RHEV: All VMsTenable RedHat Enterprise VirtualizationRHEV
RHEV: Product InfoTenable RedHat Enterprise VirtualizationRHEV
VCEM-70-000012 - ESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled.DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2Unix

CONFIGURATION MANAGEMENT

VCLU-70-000012 - Lookup Service must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled - MIMEs that invoke operating system shell programs disabled.DISA STIG VMware vSphere 7.0 Lookup Service v1r2Unix

CONFIGURATION MANAGEMENT