Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3 Ensure gpgcheck is globally activatedCIS Amazon Linux 2 STIG v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

1.2.4 Ensure software packages have been digitally signed by a Certificate Authority (CA)CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

1.3 Ensure Apache Is Installed From the Appropriate BinariesCIS Apache HTTP Server 2.4 L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.3 Ensure Apache Is Installed From the Appropriate BinariesCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.3 Ensure Apache Is Installed From the Appropriate BinariesCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

CONFIGURATION MANAGEMENT

1.5.5 Ensure kernel core dumps are disabled.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

1.6.1.4 Ensure SELinux policy is configured - configCIS Amazon Linux 2 STIG v1.0.0 L2Unix

ACCESS CONTROL

1.6.1.4 Ensure SELinux policy is configured - sestatusCIS Amazon Linux 2 STIG v1.0.0 L2Unix

ACCESS CONTROL

1.10 Ensure required packages for multifactor authentication are installed - escCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

1.10 Ensure required packages for multifactor authentication are installed - pam_pkcs11CIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm packageCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm processCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure the rsh package has been removedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.1.2 Ensure the ypserv package has been removedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.1.4 Ensure TFTP daemon is configured to operate in secure mode.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.2.1 Ensure the screen package is installed.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

2.2.3 Ensure X Window System is not installedCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.10 Ensure FTP Server is not enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.27 Ensure ldap_id_use_start_tls is set for LDAP.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.28 Ensure ldap_tls_reqcert is set for LDAPCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.3 Ensure network interfaces are not in promiscuous modeCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

3.2.5 Ensure broadcast ICMP requests are ignored - /etc/sysctl.conf /etc/sysctl.d/*CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.5 Ensure broadcast ICMP requests are ignored - sysctlCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

4.1.1.2 Ensure system is disabled when audit logs are full - action_mail_acctCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - admin_space_left_actionCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - space_left_actionCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.22 Ensure auditd service is activeCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.2.2.6 Ensure rsyslog imudp and imrelp aren't loaded.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

5.2.18 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMaxCIS Amazon Linux 2 STIG v1.0.0 L1Unix

ACCESS CONTROL

5.2.18 Ensure SSH Idle Timeout Interval is configured - ClientAliveIntervalCIS Amazon Linux 2 STIG v1.0.0 L1Unix

ACCESS CONTROL

5.2.32 Ensure no '.shosts' files exist on the system.CIS Amazon Linux 2 STIG v1.0.0 L3Unix
5.2.33 Ensure no 'shosts.equiv' files exist on the system.CIS Amazon Linux 2 STIG v1.0.0 L3Unix
5.4.1.6 Ensure encrypted respresentation of passwords is set.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.7 Ensure account administration utilities are configured to store only encrypted representations of passwords.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.4.1.8 Ensure password expiration is 60 Day maximum for new usersCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.9 Ensure password expiration is 60 Day maximum for exisiting passwordsCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwordsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

6.1.10 Ensure no world writable files existCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.1.11 Ensure no unowned files or directories existCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.1.12 Ensure no ungrouped files or directories existCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.2.25 Ensure users' 'dot' files have '0740' or less set.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

6.2.28 Ensure upon user creation a home directory is assigned.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

6.3 Ensure removal of software components after updateCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

7.2 Disable System AccountsCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

RHEL-06-000011 - System security patches and updates must be installed and up-to-date.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-06-000275 - The operating system must employ cryptographic mechanisms to protect information in storage.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000276 - The operating system must protect the confidentiality and integrity of data at rest.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000277 - The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of data at rest unless otherwise protected by alternative physical measures.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-07-030201 - The Red Hat Enterprise Linux operating system must be configured to off-load audit logs onto a different system or storage media from the system being audited.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030211 - The Red Hat Enterprise Linux operating system must label all off-loaded audit logs before sending them to the central log server.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY