Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerCIS Docker v1.6.0 L2 Docker LinuxUnix

AUDIT AND ACCOUNTABILITY

1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerCIS Docker v1.6.0 L1 Docker LinuxUnix

AUDIT AND ACCOUNTABILITY

1.5 Audit docker daemonCIS Docker 1.13.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.5 Keep Docker up to dateCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.5 Keep Docker up to dateCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.6 Audit Docker files and directories - /var/lib/dockerCIS Docker 1.13.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.6 Ensure auditing is configured for Docker files and directories - /var/lib/dockerCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

AUDIT AND ACCOUNTABILITY

1.6 Only allow trusted users to control Docker daemonCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

ACCESS CONTROL

1.6 Only allow trusted users to control Docker daemonCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

ACCESS CONTROL

1.9 Audit Docker files and directories - /etc/dockerCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.9 Audit Docker files and directories - /etc/dockerCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.11 Audit Docker files and directories - docker-registry.serviceCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - /etc/default/dockerCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - /etc/default/dockerCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /etc/docker/daemon.jsonCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /etc/docker/daemon.jsonCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /var/run/docker.sockCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.14 Audit Docker files and directories - /etc/sysconfig/dockerCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.15 Audit Docker files and directories - /etc/sysconfig/docker-networkCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.16 Audit Docker files and directories - /etc/sysconfig/docker-registryCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

2.6 Configure TLS authentication for Docker daemon --tlskeyCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Configure TLS authentication for Docker daemon --tlscacertCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Configure TLS authentication for Docker daemon --tlscertCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlscacertCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlscertCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlskeyCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlsverifyCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Do not use the aufs storage driverCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.7 Ensure TLS authentication for Docker daemon is configured - tlscacertCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.8 Do not bind Docker to another IP/Port or a Unix socketCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.11 Use authorization pluginCIS Docker 1.11.0 v1.0.0 L2 DockerUnix

IDENTIFICATION AND AUTHENTICATION

2.11 Use authorization pluginCIS Docker 1.12.0 v1.0.0 L2 DockerUnix

IDENTIFICATION AND AUTHENTICATION

3.11 Verify that docker-registry environment file ownership is set to root:rootCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.14 Ensure that Docker server certificate key file permissions are set to 400CIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.14 Verify that Docker server certificate key file permissions are set to 400CIS Docker 1.13.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.16 Ensure that the Docker socket file permissions are set to 660 or more restrictivelyCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

3.16 Ensure that the Docker socket file permissions are set to 660 or more restrictivelyCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

3.16 Verify that Docker socket file permissions are set to 660 or more restrictiveCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.26 Verify that Docker socket file permissions are set to 660 or more restrictiveCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.6 Add HEALTHCHECK instruction to the container imageCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

5.9 Do not share the host's network namespaceCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.9 Do not share the host's network namespaceCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.10 Do not use host network mode on containerCIS Docker 1.6 v1.0.0 L1 DockerUnix
5.27 Ensure docker commands always get the latest version of the imageCIS Docker 1.12.0 v1.0.0 L1 DockerUnix
DKER-EE-002080 - Docker Enterprise exec commands must not be used with privileged option.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-002090 - Docker Enterprise exec commands must not be used with the user option.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-003610 - Only trusted, signed images must be on Universal Control Plane (UCP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-004260 - Only trusted, signed images must be stored in Docker Trusted Registry (DTR) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-005290 - Docker Enterprise server certificate key file ownership must be set to root:root.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-005320 - Docker Enterprise socket file permissions must be set to 660 or more restrictive.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT