Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 (L1) Ensure the ESXi host firewall is configured to restrict access to services running on the hostCIS VMware ESXi 7.0 v1.4.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Disable Generic Security Services (GSS)CIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Disable Apache ServiceCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure iptables is installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.2 Ensure a single firewall configuration utility is in useCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.2 Ensure iptables-persistent is not installed with ufwCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.3 Ensure ufw service is enabledCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.6 Ensure ufw firewall rules exist for all open portsCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure firewalld is installedCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure nftables base chains existCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure nftables base chains existCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure firewalld service enabled and runningCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure host based firewall loopback traffic is configuredCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure host based firewall loopback traffic is configuredCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure network interfaces are assigned to appropriate zoneCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.5 Ensure nftables base chains existCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.10 Ensure nftables rules are permanentCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.10 Ensure nftables rules are permanentCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1 Ensure nftables is installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2 Ensure iptables are flushed with nftablesCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.6 Ensure nftables outbound and established connections are configuredCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.6 Ensure nftables outbound and established connections are configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.7 Ensure nftables default deny firewall policyCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.1.1 Ensure iptables packages are installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.4 Ensure iptables default deny firewall policyCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.1 Ensure ip6tables loopback traffic is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.5 Ensure ip6tables rules are savedCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.6 Ensure ip6tables is enabled and activeCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Disable Source Packet ForwardingCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Disable Directed Broadcast Packet ForwardingCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Disable Response to ICMP Timestamp RequestsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.15 Set Maximum Number of Half-open TCP ConnectionsCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1 Ensure ufw is installedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.2 Ensure a single firewall configuration utility is in useCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.4 Ensure ufw loopback traffic is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.7 Ensure ufw default deny firewall policyCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure iptables are flushed with nftablesCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.5 Ensure nftables base chains existCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure nftables base chains existCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1.1 Ensure iptables packages are installedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.2.1 Ensure iptables default deny firewall policyCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3.1 Ensure ip6tables default deny firewall policyCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.4 Ensure nftables loopback traffic is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.7 (L1) Host should reject MAC address changes on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.1.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.1.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Disable Rhost-based Authentication for SSHCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 (L1) Ensure the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 7.0 v1.4.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Set 'mesg n' as Default for All UsersCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.2 SN.2 Remove Support for Internet Services (inetd)CIS Oracle Solaris 11.4 L2 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION