Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Set 'Account lockout threshold' to '5 invalid logon attempt(s)'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.14 Ensure that the kubeconfig file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.18 Ensure that the Controller Manager kubeconfig file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

1.2.1 Ensure that anonymous requests are authorizedCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, MEDIA PROTECTION

1.2.9 Ensure that the APIPriorityAndFairness feature gate is enabledCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.16 Ensure that the --insecure-bind-address argument is not setCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

SYSTEM AND SERVICES ACQUISITION

1.2.22 Ensure that the maximumRetainedFiles argument is set to 10 or as appropriateCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

AUDIT AND ACCOUNTABILITY

1.3.3 Ensure that the --service-account-private-key-file argument is set as appropriateCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

IDENTIFICATION AND AUTHENTICATION

1.4.1 Ensure that the healthz endpoints for the scheduler are protected by RBACCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.8.1 Ensure 'console session timeout' is less than or equal to '5' minutesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

IDENTIFICATION AND AUTHENTICATION

2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

IDENTIFICATION AND AUTHENTICATION

3.1.22 Set archive log failover retry limitCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

CONFIGURATION MANAGEMENT

3.2.1 Ensure that a minimal audit policy is createdCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

AUDIT AND ACCOUNTABILITY

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - delete_module 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - modprobeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.1.10 Ensure that the kubelet configuration file ownership is set to root:rootCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL

4.1.16 Ensure kernel module loading and unloading is collectedCIS SUSE Linux Enterprise 12 v3.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmodCIS Debian Family Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobeCIS Debian Family Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobeCIS Red Hat 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmodCIS CentOS 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmodCIS CentOS 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmodCIS Red Hat 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS Debian Family Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/insmodCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/insmodCIS Red Hat 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/modprobeCIS CentOS 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rules.d modulesCIS CentOS 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rules.d modulesCIS Oracle Linux 6 Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/insmodCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/modprobeCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmodCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmodCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.2.12 Ensure that the Kubelet only makes use of Strong Cryptographic CiphersCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

IDENTIFICATION AND AUTHENTICATION

7.6 Disable XDMCP port, Check if Dtlogin.requestPort is set correctly.CIS Solaris 9 v1.3Unix

CONFIGURATION MANAGEMENT

ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

DISA_STIG_RHEL_5_v1r18.audit from DISA Red Hat Enterprise Linux 5 STIG v1r18DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix
GEN005190 - The .Xauthority files must not have extended ACLs.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL