Item Search

NameAudit NamePluginCategory
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.2 Ensure that the API server pod specification file ownership is set to root:rootCIS Kubernetes Benchmark v1.9.0 L1 MasterUnix

ACCESS CONTROL

1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes Benchmark v1.9.0 L1 MasterUnix

ACCESS CONTROL

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.4.1 Set 'password' for 'enable secret'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

ACCESS CONTROL

1.5 Ensure That Service Account Has No Admin PrivilegesCIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL

1.8.2 Set username secret for all local usersCIS Cisco IOS XR 7.x v1.0.0 L1Cisco

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL

3.5 Ensure the SQL Server's MSSQL Service Account is Not an AdministratorCIS SQL Server 2016 Database L1 OS v1.4.0Windows

ACCESS CONTROL

3.6 Ensure the SQL Server's SQLAgent Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 OS v1.3.0Windows

ACCESS CONTROL

3.6 Ensure the SQL Server's SQLAgent Service Account is Not an AdministratorCIS SQL Server 2022 Database L1 OS v1.1.0Windows

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL

3.7 Ensure the SQL Server's Full-Text Service Account is Not an AdministratorCIS SQL Server 2022 Database L1 OS v1.1.0Windows

ACCESS CONTROL

3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in AccountsCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL

3.13 Ensure membership in admin roles in MSDB database is limitedCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes Benchmark v1.9.0 L1 WorkerUnix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.6 Avoid use of system:masters groupCIS Google Kubernetes Engine (GKE) v1.6.1 L1GCP

ACCESS CONTROL

4.1.7 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Google Kubernetes Engine (GKE) v1.6.1 L1GCP

ACCESS CONTROL

4.1.8 Ensure that the client certificate authorities file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes Benchmark v1.9.0 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.6 Minimize the admission of containers with allowPrivilegeEscalationCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.6 Minimize the admission of containers with allowPrivilegeEscalationCIS Kubernetes Benchmark v1.9.0 L1 MasterUnix

ACCESS CONTROL

5.4 Ensure 'SUPER' is Not Granted to Non-Administrative UsersCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

ACCESS CONTROL

6.3.1 Privilege escalation: sudoCIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL

6.4 Adding authorized users in at.allowCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

6.6 Adding authorized users in cron.allowCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 7 L2 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 7 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

18.3.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.90.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.90.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

19.7.40.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL