Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.4.2.2.21 Configure 'Use enhanced Boot Configuration Data validation profile'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.4.2.2.22 Configure 'Enable use of BitLocker authentication requiring preboot keyboard input on slates'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.4 Ensure Databases running on RDS have encryption at rest enabledCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

1.5 Ensure all EBS volumes for Web-Tier are encryptedCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Ensure all EBS volumes for App-Tier are encryptedCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Verify That 'PGPASSWORD' is Not Set in Users' ProfilesCIS PostgreSQL 14 OS v 1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Verify That 'PGPASSWORD' is Not Set in Users' ProfilesCIS PostgreSQL 13 OS v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in UseCIS PostgreSQL 13 OS v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Verify That the 'PGPASSWORD' Environment Variable is Not in UseCIS PostgreSQL 14 OS v 1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.10 Ensure KMS Encryption Keys Are Rotated Within a Period of 90 DaysCIS Google Cloud Platform v3.0.0 L1GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure that the --auto-tls argument is not set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.27.17 Ensure 'Protect document metadata for password protected files' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.27.18 Ensure 'Protect document metadata for rights managed Office Open XML Files' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure Passwords are Not Stored in the service fileCIS PostgreSQL 13 OS v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure Passwords are Not Stored in the service fileCIS PostgreSQL 14 OS v 1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriateCIS Kubernetes v1.10.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate - keyCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authenticationCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authentication - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7.2 Time Machine Volumes Are EncryptedCIS Apple macOS 10.13 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are EncryptedCIS Apple macOS 10.12 L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.9 L1 v1.3.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8.2 Time Machine Volumes Are EncryptedCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.4.3 Ensure pam_unix includes a strong password hashing algorithmCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.11 Ensure an AWS Managed Config Rule for encrypted volumes is applied to App Tier - EncryptionCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Debian 10 Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.12 Ensure no users have .netrc filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure That All BigQuery Tables Are Encrypted With Customer-Managed Encryption Key (CMEK)CIS Google Cloud Platform v3.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure Database Backups are EncryptedCIS Microsoft SQL Server 2019 v1.4.0 L2 Database EngineMS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption KeyCIS Google Cloud Platform v3.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT MSCT Windows Server 2022 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT Windows Server 2019 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT Windows Server 2022 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT Windows Server v20H2 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT Windows Server v2004 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT Windows 10 v21H1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Internet ZoneMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Restricted Sites ZoneMSCT Windows Server 2019 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Restricted Sites ZoneMSCT Windows Server 2019 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Restricted Sites ZoneMSCT MSCT Windows Server 2022 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Restricted Sites ZoneMSCT Windows Server 2022 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Userdata persistence - Restricted Sites ZoneMSCT Windows 10 v21H1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION