Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobeCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of udf filesystems is disabled - lsmodCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.8 Ensure mounting of FAT filesystems is disabled - lsmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

CONFIGURATION MANAGEMENT

1.1.1.8 Ensure mounting of FAT filesystems is disabled - lsmodCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure separate partition exists for /tmpCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.5 Ensure separate partition exists for /varCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.6 Ensure separate partition exists for /var/tmpCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.2.3.10 Configure 'Detect compatibility issues for applications and drivers'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.2.4.2.2.24 Configure 'Configure TPM platform validation profile for native UEFI firmware configurations'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.2.14 Ensure that the admission control plugin NamespaceLifecycle is setCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.5.8 Set 'snmp-server enable traps snmp'CIS Cisco IOS 12 L1 v4.0.0Cisco

CONFIGURATION MANAGEMENT

1.6.1 Ensure core dumps are restricted - /etc/systemd/coredump.conf StorageCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.6.1 Ensure core dumps are restricted - sysctlCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.8.1.3 Ensure remote login warning banner is configured properlyCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.10 Ensure GDM is removed or login is configured - banner message enabledCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - linkupCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

2.1.1.2 Set version 2 for 'ip ssh version'CIS Cisco IOS XE 17.x v2.1.1 L1Cisco

CONFIGURATION MANAGEMENT

2.1.1.2 Set version 2 for 'ip ssh version'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

CONFIGURATION MANAGEMENT

2.1.11 Ensure CDN is enabled for improved GUI performanceCIS Fortigate 7.0.x v1.3.0 L2FortiGate

CONFIGURATION MANAGEMENT

2.2 Ensure 'noproxyarp' is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

2.2 Ensure 'noproxyarp' is enabled for untrusted interfacesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

2.3 Ensure 'DNS Guard' is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

2.5 Ensure ICMP is restricted for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.1 Ensure DNS services are configured correctly - domain-lookupCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.2 Ensure intrusion prevention is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.3.12 nfs_use_reserved_ports - nfs_use_reserved_portsCIS IBM AIX 7.1 L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

3.8 Ensure Loopback interface address is setCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

3.11 Ensure Java applet filtering is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.12 Ensure explicit deny in access lists is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

4.4.9 Ensure ''trustedSensitiveHeaderOrigin'' is set to trusted host names and IP addresses for sensitive dataCIS IBM WebSphere Liberty v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

4.5.2 Ensure RIP is set to check for zero values in reserved fieldsCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

4.6.2 Ensure BFD Authentication is Not Set to Loose-CheckCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

5.2.12 Minimize the admission of HostPath volumesCIS Kubernetes v1.10.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

5.7.3 Apply Security Context to Your Pods and ContainersCIS Kubernetes v1.20 Benchmark v1.0.1 L2 MasterUnix

CONFIGURATION MANAGEMENT

6.5.1 Ensure ICMPv4 rate-limit is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

6.5.5 Ensure TCP RST is Set to DisabledCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.6.10 Ensure at least 4 set changes in local passwordsCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.6.11 Ensure local passwords are at least 10 charactersCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.19 Ensure Hostname is Not Set to Device Make or ModelCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.20 Ensure Default Address Selection is SetCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT

7.6 Ensure directory in logging.properties is a secure location (check application log directory is secure)CIS Apache Tomcat 7 L1 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

43 - Do not resolve hosts on logging valves - SERVER_XMLTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

Ensure 'Failover' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'ip verify' is set to 'reverse-path' for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'noproxyarp' is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - coldstartTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server group' is set to 'v3 priv'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server host' is set to 'version 3'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DHCP services are disabled for untrusted interfaces - dhcprelayTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Limit HTTP methods allowed by the Web Server.TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT