Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4 Set 'login authentication for 'line vty'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

ACCESS CONTROL

1.2.5 Ensure the version of the operating system is an active vendor supported release.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

1.3.3 Ensure AIDE is configured to verify ACLsCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

1.4.4 Ensure UEFI requires authentication for single-user and maintenance modes - passwordCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

1.5.6 Ensure NIST FIPS-validated cryptography is configured - enabledCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.6 Ensure NIST FIPS-validated cryptography is configured - grubCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.7 Ensure DNS is servers are configured - nameserver 2CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm packageCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm processCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure the rsh package has been removedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.1.2 Ensure the ypserv package has been removedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.1.4 Ensure NTP 'maxpoll' is set - maxpoll is set.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

2.2.2.7 Ensure unrestricted logon is not allowedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.24 Ensure default SNMP community strings don't existCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

2.2.25 Ensure unrestricted mail relaying is prevented.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.27 Ensure ldap_id_use_start_tls is set for LDAP.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.3 Ensure network interfaces are not in promiscuous modeCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

4.1.1.5 Ensure audit logs on seperate system are encrypted.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure all uses of the passwd command are audited.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure audit of the gpasswd commandCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.6 Ensure audit all uses of the chsh command.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.8 Ensure audit of postdrop commandCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.10 Ensure audit ssh-keysign command.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.16 Ensure audit unlinkat syscall - 32 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.18 Ensure audit of the finit_module syscall - 64 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.25 Ensure audit of the mount command and syscall - 32 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.7 Enable use of the au-remote pluginCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.9 Ensure action is taken when audisp-remote buffer is fullCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 Ensure off-loaded audit logs are labeled.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

5.2.2 Ensure SSH is runningCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

5.2.23 Ensure RSA rhosts authentication is not allowedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.24 Ensure Printlastlog is enabledCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.2.34 Ensure remote X connections are encrypted.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

5.3.5 Ensure minimum and maximum requirements are set for password changes - maxclassrepeatCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.3.5 Ensure minimum and maximum requirements are set for password changes - maxrepeatCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.3.12 Ensure password prohibited reuse is at a minumum '5'CIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.4.10 Ensure default user umask is 077CIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.4.11 Ensure default user shell timeout is 600 seconds or lessCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.7 Ensure multi-factor authentication is enable for users - moduleCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.8 Ensure non-privileged users are prevented from executing privileged functionsCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

6.2.22 Ensure local interactive user is a member of the group owner.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

6.2.28 Ensure upon user creation a home directory is assigned.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

6.4 Ensure system device files are labeled - device_tCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

20.31 Ensure 'Host-based firewall is installed and enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

CASA-ND-000530 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one lowercase character be used.DISA STIG Cisco ASA NDM v2r2Cisco

IDENTIFICATION AND AUTHENTICATION

CASA-ND-000570 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one special character be used.DISA STIG Cisco ASA NDM v2r2Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000394 - The Cisco perimeter router must be configured to drop IPv6 packets containing a Hop-by-Hop header with invalid option type values.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000394 - The Cisco perimeter router must be configured to drop IPv6 packets containing a Hop-by-Hop header with invalid option type values.DISA STIG Cisco IOS Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

HP ProCurve - 'Secure Management VLAN is enabled'TNS HP ProCurveHPProCurve

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Password Strength Check - EnabledTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION