Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.1 Ensure all information at rest is encryptedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

SYSTEM AND COMMUNICATIONS PROTECTION

1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.26 Ensure that the --etcd-cafile argument is set as appropriateCIS Kubernetes v1.12.0 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.12.0 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that the --etcd-cafile argument is set as appropriateCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.29 Ensure that encryption providers are appropriately configuredCIS Red Hat OpenShift Container Platform v1.9.0 L1OpenShift

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.29 Ensure that the --encryption-provider-config argument is set as appropriateCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.30 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.30 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.33 Ensure that encryption providers are appropriately configuredCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.10 Ensure KMS Encryption Keys Are Rotated Within a Period of 90 DaysCIS Google Cloud Platform Foundation v4.0.0 L1GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 EFS - implementationCIS IBM AIX 7.1 L2 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.12.0 L1 Master NodeUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Ensure that the --client-cert-auth argument is set to trueCIS Red Hat OpenShift Container Platform v1.9.0 L1OpenShift

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure Binary and Relay Logs are EncryptedCIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDBMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Ensure yearly rekeying is enabled for a Snowflake accountCIS Snowflake Foundations v1.0.0 L2Snowflake

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Ensure AES encryption key size used to encrypt files stored in internal stages is set to 256 bitsCIS Snowflake Foundations v1.0.0 L1Snowflake

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.4 Ensure that the --client-ca-file argument is set as appropriateCIS Red Hat OpenShift Container Platform v1.9.0 L1OpenShift

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3 Ensure Encryption of Data at RestCIS MongoDB 3.6 L2 Unix Audit v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3 Ensure Encryption of Data at RestCIS MongoDB 3.6 L2 Windows Audit v1.1.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 5 L2 OS Windows v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 5 L2 OS Linux v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 4 L2 OS Linux v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 4 L2 OS Windows v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 6 v1.2.0 L2 MongoDBUnix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Old Password Versions Are Not UsedCIS Oracle Database 19c v2.0.0 L1 RDBMSOracleDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Ensure Old Password Versions Are Not UsedCIS Oracle Database 23ai v1.1.0 L1 RDBMSOracleDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.9 Enable data-at-rest encryption in MariaDBCIS MariaDB 10.6 Database L2 v1.1.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.9 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Community Server 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDBMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.9 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDBMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS MySQL 5.7 Community Database L2 v2.0.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDBMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.10 Use MySQL TDE for At-Rest Data EncryptionCIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS MySQLDBMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.1 Ensure Kubernetes Secrets are encrypted using keys managed in Cloud KMSCIS Google Kubernetes Engine GKE v1.9.0 L2 GCPGCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.6.1 Enable Customer-Managed Encryption Keys (CMEK) for GKE Persistent Disks (PD)CIS Google Kubernetes Engine GKE Autopilot v1.3.0 L2GCP

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.6 Ensure Binary and Relay Logs are EncryptedCIS MariaDB 10.6 Database L2 v1.1.0MySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.11 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 13 v1.3.0 L1 Database PostgreSQLDBPostgreSQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.11 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 14 DB v 1.3.0PostgreSQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.11 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLPostgreSQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure Database Backups are EncryptedCIS SQL Server 2017 Database L2 DB v1.3.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure Databases are Encrypted with TDECIS Microsoft SQL Server 2019 v1.5.2 L2 Database EngineMS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure Databases are Encrypted with TDECIS Microsoft SQL Server 2025 v1.0.0 L2 Database EngineMS_SQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 9 L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.19 Ensure Manager Application Passwords are EncryptedCIS Apache Tomcat 10 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.59.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

CONFIGURATION MANAGEMENT

18.10.59.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

CONFIGURATION MANAGEMENT