Item Search

NameAudit NamePluginCategory
1.5 Ensure 'unique application pools' is set for sitesCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL

2.2 Ensure access to sensitive site features is restricted to authenticated principals onlyCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL

2.2.29 Configure 'Log on as a service'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

2.3 Ensure 'forms authentication' require SSL - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure 'forms authentication' require SSL - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authentication - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure 'cookie protection mode' is configured for forms authentication - DefaultCIS IIS 10 v1.2.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure transport layer security for 'basic authentication' is configuredCIS IIS 8.0 v1.5.1 Level 1Windows

IDENTIFICATION AND AUTHENTICATION

3.7 Ensure 'cookies' are set with HttpOnly attributeCIS IIS 8.0 v1.5.1 Level 1Windows

ACCESS CONTROL

3.7 Ensure 'cookies' are set with HttpOnly attribute - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.7 Ensure 'cookies' are set with HttpOnly attribute - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Ensure global .NET trust level is configuredCIS IIS 8.0 v1.5.1 Level 1Windows

ACCESS CONTROL

3.10 Ensure global .NET trust level is configured - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure HSTS Header is setCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure SSLv3 is disabledCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.10 Ensure RC4 Cipher Suites is disabledCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.12 Ensure TLS Cipher Suite ordering is ConfiguredCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.13 Ensure AES 256/256 Cipher Suite is enabled - EnabledCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

CIS Control 4 (4.2) Change Default PasswordsCAS Implementation Group 1 Audit FileUnix

IDENTIFICATION AND AUTHENTICATION

CIS Control 5 (5.1) Establish Secure ConfigurationsCAS Implementation Group 1 Audit FileUnix

CONFIGURATION MANAGEMENT

CIS Docker Community Edition v1.1.0 L1 DockerCIS Docker Community Edition v1.1.0 L1 DockerUnix
CIS Internet Explorer 9 Benchmark Version 1.0.0CIS IE 9 v1.0.0Windows
CIS_Debian_Family_Linux_v1.0.0_L2_Workstation.audit from CIS Debian Family Linux BenchmarkCIS Debian Family Workstation L2 v1.0.0Unix
CIS_Debian_Linux_10_v1.0.0_L2_Server.audit from CIS Debian Linux 10 BenchmarkCIS Debian 10 Server L2 v2.0.0Unix
CIS_Debian_Linux_10_v2.0.0_L1_Workstation.audit from CIS Debian Linux 10 BenchmarkCIS Debian 10 Workstation L1 v2.0.0Unix
CIS_Docker_v1.7.0_L2_Docker_-_Linux.audit from CIS Docker Benchmark v1.7.0CIS Docker v1.7.0 L2 Docker - LinuxUnix
CIS_Kubernetes_v1.2.0_Level_1.audit from CIS Kubernetes Benchmark v1.2.0CIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix
CIS_Kubernetes_v1.3.0_Level_1.audit from CIS Kubernetes Benchmark v1.3.0CIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix
CIS_Kubernetes_v1.4.1_Level_1.audit from CIS Kubernetes Benchmark v1.4.1CIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.4.1_Level_2.audit from CIS Kubernetes Benchmark v1.4.1CIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.20_v1.0.1_Level_1_Master.audit from CIS Kubernetes v1.20 Benchmark v1.0.1CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.20_v1.0.1_Level_2_Worker.audit from CIS Kubernetes v1.20 Benchmark v1.0.1CIS Kubernetes v1.20 Benchmark v1.0.1 L2 WorkerUnix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.23_v1.0.1_Level_1_Master.audit from CIS Kubernetes v1.23 Benchmark v1.0.1CIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.23_v1.0.1_Level_1_Worker.audit from CIS Kubernetes v1.23 Benchmark v1.0.1CIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

CONFIGURATION MANAGEMENT

CIS_MongoDB_3.6_Benchmark_Level_2_DB_v1.1.0.audit from CIS MongoDB 3.6 BenchmarkCIS MongoDB 3.6 Database Audit L2 v1.1.0MongoDB
CIS_MongoDB_3.6_Benchmark_Level_2_OS_Windows_v1.1.0.audit from CIS MongoDB 3.6 BenchmarkCIS MongoDB 3.6 L2 Windows Audit v1.1.0Windows
CIS_MongoDB_5_Benchmark_Level_1_OS_Windows_v1.2.0.audit from CIS MongoDB 5 BenchmarkCIS MongoDB 5 L1 OS Windows v1.2.0Windows
CIS_MongoDB_5_Benchmark_Level_2_OS_Linux_v1.2.0.audit from CIS MongoDB 5 BenchmarkCIS MongoDB 5 L2 OS Linux v1.2.0Unix
CIS_MongoDB_6_v1.2.0_L1_OS_Linux.audit from CIS MongoDB 6 Benchmark v1.2.0CIS MongoDB 6 v1.2.0 L1 MongoDBUnix
CIS_MongoDB_6_v1.2.0_L2_OS_Linux.audit from CIS MongoDB 6 Benchmark v1.2.0CIS MongoDB 6 v1.2.0 L2 MongoDBUnix
CIS_PostgreSQL_9.6_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 9.6CIS PostgreSQL 9.6 OS v1.0.0Unix
CIS_PostgreSQL_13_v1.2.0_L1_DB.audit from CIS PostgreSQL 13 Benchmark v1.2.0CIS PostgreSQL 13 DB v1.2.0PostgreSQLDB
CIS_PostgreSQL_13_v1.2.0_L1_OS_Linux.audit from CIS PostgreSQL 13 Benchmark v1.2.0CIS PostgreSQL 13 OS v1.2.0Unix
CIS_PostgreSQL_15_v1.1.0_L1_Database.audit from CIS PostgreSQL 15 Benchmark v1.1.0CIS PostgreSQL 15 DB v1.1.0PostgreSQLDB
CIS_PostgreSQL_15_v1.1.0_L1_OS_Linux.audit from CIS PostgreSQL 15 Benchmark v1.1.0CIS PostgreSQL 15 OS v1.1.0Unix
IIST-SI-000252 - The maximum number of requests an application pool can process for each IIS 10.0 website must be explicitly set.DISA IIS 10.0 Site v2r10Windows

CONFIGURATION MANAGEMENT

IIST-SI-000262 - Interactive scripts on the IIS 10.0 web server must have restrictive access controls.DISA IIS 10.0 Site v2r10Windows

CONFIGURATION MANAGEMENT

IISW-SI-000252 - The maximum number of requests an application pool can process for each IIS 8.5 website must be explicitly set.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT