Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure packages are obtained from authorized repositoriesCIS PostgreSQL 15 OS v1.1.0Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

1.2 Do Not Install a Multi-Use System - chkconfigCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

1.2 Do Not Install a Multi-Use System - chkconfigCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

CONFIGURATION MANAGEMENT

1.2 Do Not Install a Multi-Use System - systemctlCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

CONFIGURATION MANAGEMENT

1.3.2 Ensure filesystem integrity is regularly checkedCIS Amazon Linux 2 STIG v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

1.6.1.3 Ensure the SELinux state is enforcing - configCIS Amazon Linux 2 STIG v1.0.0 L2Unix

ACCESS CONTROL

1.6.1.3 Ensure the SELinux state is enforcing - sestatusCIS Amazon Linux 2 STIG v1.0.0 L2Unix

ACCESS CONTROL

1.8.6 Ensure GDM session lock is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.9 Ensure anti-virus is installed and runningCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.3 Ensure the TFTP server has not been installedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

2.2.21 Ensure tftp server is not enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.25 Ensure unrestricted mail relaying is prevented.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

3.4.1 Ensure DCCP is disabledCIS Amazon Linux 2 STIG v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

5.2 Verify SELinux security options, if applicableCIS Docker 1.12.0 v1.0.0 L2 DockerUnix

ACCESS CONTROL

5.2 Verify SELinux security options, if applicable (Scored)CIS Docker 1.6 v1.0.0 L2 DockerUnix

ACCESS CONTROL

5.2.1 Ensure SSH is installedCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.2 Ensure SSH is runningCIS Amazon Linux 2 STIG v1.0.0 L3Unix

CONFIGURATION MANAGEMENT

5.2.3 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.2.6 Ensure SSH Protocol is set to 2CIS Amazon Linux 2 STIG v1.0.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.10 Ensure SSH IgnoreRhosts is enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.2.11 Ensure SSH HostbasedAuthentication is disabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

5.2.12 Ensure SSH root login is disabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

ACCESS CONTROL

5.2.13 Ensure SSH PermitEmptyPasswords is disabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.2.14 Ensure SSH PermitUserEnvironment is disabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwordsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.5.2 Ensure system accounts are secured - non-login shellCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.5.2 Ensure system accounts are secured - non-login shellCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - non-login shellCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - non-login shellCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - non-login shellCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - non-login shellCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.5.2 Ensure system accounts are secured - unlocked non-rootCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.5.2 Ensure system accounts are secured - unlocked non-rootCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - unlocked non-rootCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - unlocked non-rootCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.5.2 Ensure system accounts are secured - unlocked non-rootCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.2.5 Ensure root is the only UID 0 accountCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

DTAVSEL-019 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP hostMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - trojansAlertMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - VirusDetectedMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

JBOS-AS-000650 - JBoss must be configured to use an approved TLS version.DISA JBoss EAP 6.3 STIG v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

MD7X-00-012500 MongoDB must be configured in accordance with the security configuration settings based on DOD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs.DISA MongoDB Enterprise Advanced 7.x STIG v1r1Unix

CONFIGURATION MANAGEMENT

RHEL-06-000504 - The operating system must conduct backups of user-level information contained in the operating system per organization defined frequency to conduct backups consistent with recovery time and recovery point objectives.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000505 - The operating system must conduct backups of system-level information contained in the information system per organization defined frequency to conduct backups that are consistent with recovery time and recovery point objectives.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-07-020029 - The Red Hat Enterprise Linux operating system must use a file integrity tool to verify correct operation of all security functions.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - notificationDISA IBM WebSphere Traditional 9 STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - notificationDISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabledDISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

AUDIT AND ACCOUNTABILITY