Item Search

Name	Audit Name	Plugin	Category
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS Oracle Linux 9 v2.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS Oracle Linux 9 v2.0.0 L2 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS Rocky Linux 9 v2.0.0 L2 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS AlmaLinux OS 9 v2.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure repo_gpgcheck is globally activated	CIS AlmaLinux OS 9 v2.0.0 L2 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Oracle Linux 7 v4.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS CentOS Linux 7 v4.0.0 L2 Server	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Rocky Linux 8 Server L2 v2.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS AlmaLinux OS 8 Workstation L2 v3.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Oracle Linux 8 Workstation L2 v3.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.3 Ensure repo_gpgcheck is globally activated	CIS Red Hat EL8 Workstation L2 v3.0.0	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.3.1.8 Ensure SETroubleshoot is not installed	CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - limits.conf, limits.d/*	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
1.5.1.8 Ensure SETroubleshoot is not installed	CIS Oracle Linux 7 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1.8 Ensure SETroubleshoot is not installed	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1.8 Ensure SETroubleshoot is not installed	CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.6.1.7 Ensure SETroubleshoot is not installed	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL
1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmod	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - rmmod	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - auditctl init_module	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - auditctl rmmod	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - modprobe	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - rmmod	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - rmmod	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.1 Ensure Home Folders Are Secure	CIS Apple macOS 12.0 Monterey v4.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=always	CIS Docker 1.11.0 v1.0.0 L1 Docker	Unix
5.18 Install an approved tokend for smartcard authentication	CIS Apple OSX 10.9 L2 v1.3.0	Unix	IDENTIFICATION AND AUTHENTICATION
8.1.17 Collect Kernel Module Loading and Unloading - '32bit init_module/delete_module'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.1.17 Collect Kernel Module Loading and Unloading- '/sbin/rmmod'	CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
89.18 (L1) Ensure 'Impersonate Client' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.20 (L1) Ensure 'Impersonate Client' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
BIND-9X-001059 - On the BIND 9.x server the platform on which the name server software is hosted must be configured to send outgoing DNS messages from a random port.	DISA BIND 9.x STIG v2r3	Unix	CONFIGURATION MANAGEMENT
CISC-RT-000240 - The Cisco perimeter switch must be configured to deny network traffic by default and allow network traffic by exception.	DISA STIG Cisco IOS Switch RTR v3r1	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS).	DISA Cisco IOS Router RTR STIG v3r3	Cisco	ACCESS CONTROL
CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) switch must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.	DISA Cisco NX OS Switch RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
Enable IKE Version 1/2 - cipher-suite	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure 'console session timeout' is less than or equal to '5' minutes	Tenable Cisco Firepower Best Practices Audit	Cisco	ACCESS CONTROL
GEN000000-LNX00360 - The X server must have the correct options enabled - '-s <= 15'	DISA STIG for Oracle Linux 5 v2r1	Unix	CONFIGURATION MANAGEMENT
GEN002753 - The audit system must be configured to audit account termination - 'groupdel'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL
VCLD-80-000100 The vCenter VAMI service must implement prevent rendering inside a frame or iframe on another site.	DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1	Unix	CONFIGURATION MANAGEMENT
VCLD-80-000101 The vCenter VAMI service must protect against MIME sniffing.	DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search