Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'CIS Oracle Server 18c Windows v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 (L1) Ensure the ESXi host firewall is configured to restrict access to services running on the hostCIS VMware ESXi 7.0 v1.4.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2 Disable Local-only Graphical Login EnvironmentCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.5 Ensure 'REMOTE_LISTENER' Is EmptyCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Disable RPC Encryption KeyCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Disable Generic Security Services (GSS)CIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Disable Apache ServiceCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'CIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled'CIS SQL Server 2022 Database L1 OS v1.1.0Windows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Ensure SQL Server is configured to use non-standard portsCIS Microsoft SQL Server 2019 v1.4.0 L1 AWS RDSMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instancesCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure ufw is installedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.3 Ensure ufw service is enabledCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.5 Ensure ufw outbound connections are configuredCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.6 Ensure ufw firewall rules exist for all open portsCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure host based firewall loopback traffic is configuredCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure a nftables table existsCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure a nftables table existsCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.10 Ensure nftables rules are permanentCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.3 Ensure ufw is uninstalled or disabled with iptablesCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.1 Ensure iptables default deny firewall policyCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.3 Ensure iptables outbound and established connections are configuredCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.3 Ensure iptables outbound and established connections are configuredCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.4 Ensure iptables firewall rules exist for all open portsCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.2 Ensure ip6tables loopback traffic is configuredCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.3 Ensure ip6tables outbound and established connections are configuredCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.4 Ensure ip6tables firewall rules exist for all open portsCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.5 Ensure nftables loopback traffic is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.7 Ensure nftables default deny firewall policyCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.5 Ensure iptables rules are savedCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.6 Ensure iptables service is enabled and activeCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.3 Ensure ip6tables firewall rules exist for all open portsCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4 Ensure outbound and established connections are configuredCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Set Strict MultihomingCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network RoutingCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.5 Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabledCIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.7 (L1) Host should reject MAC address changes on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.1.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.1.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Disable Rhost-based Authentication for SSHCIS Oracle Solaris 11.4 L1 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 (L1) Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 7.0 v1.4.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure 'SQL Server Browser Service' is configured correctlyCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.2 SN.2 Remove Support for Internet Services (inetd)CIS Oracle Solaris 11.4 L2 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION