Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.30 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - certCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix
1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid - GlobalProtect PortalsCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1Palo_Alto
1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid - GlobalProtect PortalsCIS Palo Alto Firewall 9 Benchmark L2 v1.0.0Palo_Alto
2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'CIS Oracle Server 18c Windows v1.0.0Windows
2.3 Ensure that the --auto-tls argument is not set to trueCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix
2.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate - certCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix
2.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate - keyCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix
2.5 Ensure insecure registries are not usedCIS Docker v1.3.1 L1 Docker LinuxUnix
3.2.10 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - keyCIS Google Kubernetes Engine (GKE) v1.1.0 L1 WorkerUnix
4.1.2 Ensure a trusted certificate and trust chain is installedCIS NGINX Benchmark v1.0.0 L1 ProxyUnix
4.1.6 Ensure custom Diffie-Hellman parameters are usedCIS NGINX Benchmark v1.0.0 L1 LoadbalancerUnix
4.2 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 3.6 L2 Windows Audit v1.0.0Windows
4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption)CIS MongoDB 5 L1 OS Windows v1.0.0Unix
4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption)CIS MongoDB 5 L1 OS Windows v1.0.0Windows
5.2 Ensure login via 'host' TCP/IP Socket is configured correctly - host TCP/IP Socket is configured correctlyCIS PostgreSQL 14 OS v1.0.0Unix
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabledCIS PostgreSQL 14 OS v1.0.0Unix
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabledCIS PostgreSQL 13 OS v1.1.0Unix
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 13 OS v1.0.0Unix
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 13 OS v1.1.0Unix
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 14 OS v1.0.0Unix
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2017 Database L1 DB v1.2.0MS_SQLDB
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2019 Database L1 AWS RDS v1.2.0MS_SQLDB
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.3.0MS_SQLDB
7.1 Ensure mod_ssl and/or mod_nss Is InstalledCIS Apache HTTP Server 2.4 L1 v2.0.0 MiddlewareUnix
7.1 Ensure mod_ssl and/or mod_nss Is Installed - 'mod_ssl is loaded'CIS Apache HTTP Server 2.4 L1 v2.0.0Unix
7.2 Ensure a Valid Trusted Certificate Is InstalledCIS Apache HTTP Server 2.4 L1 v2.0.0Unix
7.3 Ensure WAL archiving is configured and functional - archive_commandCIS PostgreSQL 13 OS v1.0.0Unix
7.4 Ensure streaming replication parameters are configured correctlyCIS PostgreSQL 12 DB v1.0.0PostgreSQLDB
7.4 Ensure the TLSv1.0 and TLSv1.1 Protocols are DisabledCIS Apache HTTP Server 2.4 L1 v2.0.0 MiddlewareUnix
7.4 Ensure WAL archiving is configured and functional - /var/lib/pgsql/WALCIS PostgreSQL 14 OS v1.0.0Unix
7.4 Ensure WAL archiving is configured and functional - archive_commandCIS PostgreSQL 14 OS v1.0.0Unix
7.4 Ensure WAL archiving is configured and functional - archive_modeCIS PostgreSQL 14 OS v1.0.0Unix
7.4 Ensure Weak SSL Protocols Are DisabledCIS Apache HTTP Server 2.4 L2 v1.5.0Unix
7.4 Ensure Weak SSL Protocols Are Disabled - 'TLSv1'CIS Apache HTTP Server 2.4 L1 v1.5.0Unix
7.5 Ensure streaming replication parameters are configured correctlyCIS PostgreSQL 14 DB v1.0.0PostgreSQLDB
7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'Global SSLCipherSuite'CIS Apache HTTP Server 2.4 L1 v2.0.0Unix
7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'Global SSLHonorCipherOrder = On'CIS Apache HTTP Server 2.4 L1 v2.0.0 MiddlewareUnix
7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'httpd.conf SSLHonorCipherOrder = On'CIS Apache HTTP Server 2.4 L2 v1.5.0Unix
7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'httpd.conf VirtualHost SSLHonorCipherOrder = On'CIS Apache HTTP Server 2.4 L2 v1.5.0Unix
7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLCipherSuite'CIS Apache HTTP Server 2.4 L1 v2.0.0 MiddlewareUnix
7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLHonorCipherOrder = On'CIS Apache HTTP Server 2.4 L1 v2.0.0 MiddlewareUnix
7.6 Ensure Insecure SSL Renegotiation Is Not EnabledCIS Apache HTTP Server 2.4 L1 v1.5.0Unix
7.6 Ensure Insecure SSL Renegotiation Is Not EnabledCIS Apache HTTP Server 2.4 L2 v1.5.0Unix
7.8 Ensure Medium Strength SSL/TLS Ciphers Are DisabledCIS Apache HTTP Server 2.4 L1 v2.0.0Unix
7.9 Ensure All Web Content is Accessed via HTTPSCIS Apache HTTP Server 2.4 L1 v1.5.0 MiddlewareUnix
7.9 Ensure that CA certificates are rotated as appropriateCIS Docker v1.2.0 L2 Docker LinuxUnix
7.9 Ensure that CA certificates are rotated as appropriateCIS Docker v1.3.1 L2 Docker LinuxUnix
7.10 Ensure OCSP Stapling Is Enabled - SSLStaplingCacheCIS Apache HTTP Server 2.4 L2 v2.0.0 MiddlewareUnix
7.10 Ensure the TLSv1.0 and TLSv1.1 Protocols are DisabledCIS Apache HTTP Server 2.4 L2 v1.5.0Unix
7.11 Ensure OCSP Stapling Is Enabled - SSLUseStaplingCIS Apache HTTP Server 2.4 L2 v1.5.0Unix