Item Search

Name	Audit Name	Plugin	Category
1.1.3.10.6 Set 'Network access: Sharing and security model for local accounts' to 'Classic - local users authenticate as themselves'	CIS Windows 8 L1 v1.0.0	Windows	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.1 Ensure that IP addresses are mapped to usernames - User ID Agents	CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.1 Ensure that IP addresses are mapped to usernames - Zones	CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2 Ensure that WMI probing is disabled	CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.3 Ensure that User-ID is only enabled for internal trusted interfaces	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.10.11 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
2.4 Ensure that 'Include/Exclude Networks' is used if User-ID is enabled	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0	Palo_Alto	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
5.1.8 Ensure at/cron is restricted to authorized users - at.allow	CIS Debian 8 Server L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - at.allow	CIS Debian 8 Workstation L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - at.deny	CIS Debian 8 Workstation L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - at.deny	CIS Debian 8 Server L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - cron.allow	CIS Debian 8 Workstation L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - cron.allow	CIS Debian 8 Server L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - cron.deny	CIS Debian 8 Server L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure at/cron is restricted to authorized users - cron.deny	CIS Debian 8 Workstation L1 v2.0.2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.5 Ensure SSH LogLevel is appropriate	CIS Debian 8 Server L1 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
5.2.5 Ensure SSH LogLevel is appropriate	CIS Debian 8 Workstation L1 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Debian 8 Workstation L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Debian 8 Server L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.3 Ensure password reuse is limited	CIS Debian 8 Workstation L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.1 Ensure the 'CREATE USER' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.2 Ensure no legacy '+' entries exist in /etc/passwd	CIS Debian 8 Server L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.2 Ensure the 'ALTER USER' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.2 Ensure the 'ALTER USER' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.3 Ensure the 'DROP USER' Audit Option Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.3 Ensure the 'DROP USER' Audit Option Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.4 Ensure the 'CREATE ROLE' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.4 Ensure the 'CREATE ROLE' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.5 Ensure the 'ALTER ROLE' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.6 Ensure the 'DROP ROLE' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.6 Ensure the 'DROP ROLE' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.7 Ensure the 'GRANT' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.7 Ensure the 'GRANT' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.8 Ensure the 'REVOKE' Action Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.8 Ensure the 'REVOKE' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS Debian 8 Server L1 v2.0.2	Unix	ACCESS CONTROL
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS Debian 8 Workstation L1 v2.0.2	Unix	ACCESS CONTROL
6.2.16 Ensure no duplicate UIDs exist	CIS Debian 8 Workstation L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.18 Ensure no duplicate user names exist	CIS Debian 8 Workstation L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.19 Ensure no duplicate group names exist	CIS Debian 8 Server L1 v2.0.2	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.27 Ensure the 'LOGON' AND 'LOGOFF' Actions Audit Is Enabled	CIS Oracle Server 18c DB Unified Auditing v1.1.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.27 Ensure the 'LOGON' AND 'LOGOFF' Actions Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search