Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4 Set 'login authentication for 'line con 0'CIS Cisco IOS 12 L1 v4.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.2 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service AccountsCIS Google Cloud Platform v3.0.0 L1GCP

IDENTIFICATION AND AUTHENTICATION

1.3 Ensure that Security Key Enforcement is Enabled for All Admin AccountsCIS Google Cloud Platform v3.0.0 L2GCP

IDENTIFICATION AND AUTHENTICATION

1.4 Ensure multi-factor authentication (MFA) is turned on for all human users with password-based authenticationCIS Snowflake Foundations v1.0.0 L1Snowflake

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.1.2 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged UsersCIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION

2.1.3 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged UsersCIS Microsoft Azure Foundations v3.0.0 L2microsoft_azure

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 4 L1 OS Windows v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 4 L1 OS Linux v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 5 L1 OS Linux v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 6 v1.2.0 L1 MongoDBUnix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 7 v1.1.0 L1 MongoDBUnix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 6 v1.2.0 L1 MongoDBWindows

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - clusterAuthModeCIS MongoDB L2 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.5.4 Ensure Radius or TACACS+ server is configured - tacacs-servers state onCIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

2.13 Set 'Allow access to voicemail without requiring a PIN' to 'False'CIS Microsoft Exchange Server 2013 UM v1.1.0Windows

IDENTIFICATION AND AUTHENTICATION

3.1.13 Enable server-based authenticationCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

IDENTIFICATION AND AUTHENTICATION

3.1.13 Enable server-based authenticationCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows

IDENTIFICATION AND AUTHENTICATION

4.4 Use Active Directory for local user authentication - Review DomainCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

5.1.9 Ensure SSH HostbasedAuthentication is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.2.2.2 Ensure multifactor authentication is enabled for all usersCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

IDENTIFICATION AND AUTHENTICATION

5.3.2.5 Ensure pam_unix module is enabledCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.2.5 Ensure pam_unix module is enabledCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

6.2.4 Ensure no legacy '+' entries exist in /etc/groupCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.4 Ensure no legacy '+' entries exist in /etc/group - + entries exist in /etc/groupCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

IDENTIFICATION AND AUTHENTICATION

20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT)' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.58 Ensure 'Shared user accounts do not exist'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

20.58 Ensure 'Shared user accounts do not exist' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

79.3 (L1) Ensure 'Require Security Device' is set to 'true'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

Catalina - Disable Password Authentication for SSHNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Centralized authentication - serverArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

IDENTIFICATION AND AUTHENTICATION

HP ProCurve - 'Privilege mode is configured'TNS HP ProCurveHPProCurve

IDENTIFICATION AND AUTHENTICATION

Huawei: User Interfaces are AuthenticatedTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - AAA - audit loggingTenable Cisco Viptela SD-WAN - vManageCisco_Viptela

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - AAA - netconf loggingTenable Cisco Viptela SD-WAN - vEdgeCisco_Viptela

IDENTIFICATION AND AUTHENTICATION

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Monterey - Disable Password Authentication for SSHNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Network Security - Set the source address for all route engine generated traffic - accounting tacplus-serverJuniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION

RADIUS and TACACS+ authorization and accounting - accounting commandsArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

IDENTIFICATION AND AUTHENTICATION

RADIUS and TACACS+ authorization and accounting - accounting execArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

IDENTIFICATION AND AUTHENTICATION

RADIUS and TACACS+ authorization and accounting - authorization commands autoArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

IDENTIFICATION AND AUTHENTICATION

Restrict Unauthenticated RPC clientsMSCT Windows 11 v24H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

User Authentication Security - Centralized authentication - Configure accounting to trace activity and usageJuniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION

User Authentication Security - Centralized authentication - Configure multiple servers for resiliency - TACACS+Juniper Hardening JunOS 12 Devices ChecklistJuniper

IDENTIFICATION AND AUTHENTICATION