Item Search

Name	Audit Name	Plugin	Category
1.2.23 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate	CIS Kubernetes v1.12.0 L1 Master Node	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate	CIS Red Hat OpenShift Container Platform v1.9.0 L1	OpenShift	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfile	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.27 Ensure that the --encryption-provider-config argument is set as appropriate	CIS Kubernetes v1.12.0 L1 Master Node	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.28 Ensure that the --etcd-cafile argument is set as appropriate	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.29 Ensure that the --encryption-provider-config argument is set as appropriate	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.31 Ensure that the --etcd-cafile argument is set as appropriate	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.32 Ensure that the --encryption-provider-config argument is set as appropriate	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.1.8 Ensure critical data in Azure Databricks is encrypted with customer-managed keys (CMK)	CIS Microsoft Azure Foundations v5.0.0 L2	microsoft_azure	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.1 Ensure Binary and Relay Logs are Encrypted	CIS Oracle MySQL Community Server 8.4 v1.1.0 L2 MySQL RDBMS MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.1 Ensure Binary and Relay Logs are Encrypted	CIS Oracle MySQL Community Server 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.1 Ensure Binary and Relay Logs are Encrypted	CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.1 Ensure Binary and Relay Logs are Encrypted	CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.7 Ensure that a unique Certificate Authority is used for etcd	CIS Red Hat OpenShift Container Platform v1.9.0 L2 OpenShift	OpenShift	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.8 (L1) Host must require TPM-based configuration encryption	CIS VMware ESXi 8.0 v1.3.0 L1 VMware	VMware	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.2.1 Ensure that encryption-at-rest is enabled for RDS instances	CIS Amazon Web Services Foundations v7.0.0 L1	amazon_aws	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.3.1 Ensure that encryption is enabled for EFS file systems	CIS Amazon Web Services Foundations v7.0.0 L1	amazon_aws	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.26 (L1) Host must enable the highest version of TLS supported	CIS VMware ESXi 8.0 v1.3.0 L1 VMware	VMware	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.4 Ensure Federal Information Processing Standard (FIPS) is enabled	CIS MongoDB 6 v1.2.0 L2 MongoDB	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
4.4.2.1 Ensure File System Level encryption is enabled	CIS IBM AIX 7 v1.1.0 L2	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.4.2.2 Ensure Filesystem Encryption via Encrypted Logical Volume is configured	CIS IBM AIX 7 v1.1.0 L2	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Ensure Encryption of Data at Rest	CIS MongoDB 8 v1.0.0 L2 Unix	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Ensure Encryption of Data at Rest	CIS MongoDB 8 v1.0.0 L2 Windows	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Ensure Encryption of Data at Rest	CIS MongoDB 7 v1.2.0 L2 Unix	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Ensure The Latest Version of The Password File Is Used	CIS Oracle Database 23ai v1.1.0 L1 RDBMS	OracleDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Ensure The Latest Version of The Password File Is Used	CIS Oracle Database 19c v2.0.0 L1 RDBMS	OracleDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.7 Ensure VM Disks for Critical VMs Are Encrypted With Customer-Supplied Encryption Keys (CSEK)	CIS Google Cloud Platform Foundation v4.0.0 L2	GCP	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.8 Ensure That Database Link Passwords Are Using The Latest Encryption	CIS Oracle Database 23ai v1.1.0 L1 RDBMS	OracleDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.8 Ensure That Database Link Passwords Are Using The Latest Encryption	CIS Oracle Database 19c v2.0.0 L1 RDBMS	OracleDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.9 Enable data-at-rest encryption in MariaDB	CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.9 Enable data-at-rest encryption in MariaDB	CIS MariaDB 10.6 on Linux L2 v1.1.0	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.9 Use MySQL TDE for At-Rest Data Encryption	CIS Oracle MySQL Community Server 8.4 v1.1.0 L2 MySQL RDBMS MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.10 Use MySQL TDE for At-Rest Data Encryption	CIS MySQL 5.7 Enterprise Database L2 v2.0.0	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.10 Use MySQL TDE for At-Rest Data Encryption	CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L2 MySQL RDBMS on Linux MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.9.1 Enable Customer-Managed Encryption Keys (CMEK) for GKE Persistent Disks (PD)	CIS Google Kubernetes Engine GKE v1.9.0 L2 GCP	GCP	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.9.2 Enable Customer-Managed Encryption Keys (CMEK) for Boot Disks	CIS Google Kubernetes Engine GKE v1.9.0 L2 GCP	GCP	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.1.1 Ensure EBS volume encryption is enabled in all regions	CIS Amazon Web Services Foundations v7.0.0 L1	amazon_aws	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.1.1.3 Ensure the storage account containing the container with activity logs is encrypted with customer-managed key (CMK)	CIS Microsoft Azure Foundations v5.0.0 L2	microsoft_azure	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.2 Ensured 'HashPassword' is set in UsernameToken WS-Security policy	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.3 Ensure CallbackHandler is used to access private keys in keystore files	CIS IBM WebSphere Liberty v1.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.6 Ensure Binary and Relay Logs are Encrypted	CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS MySQLDB	MySQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure That All BigQuery Tables Are Encrypted With Customer-Managed Encryption Key (CMEK)	CIS Google Cloud Platform Foundation v4.0.0 L2	GCP	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.3 Ensure That a Default Customer-Managed Encryption Key (CMEK) Is Specified for All BigQuery Data Sets	CIS Google Cloud Platform Foundation v4.0.0 L2	GCP	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.5 Ensure Databases are Encrypted with TDE	CIS SQL Server 2016 Database L2 DB v1.4.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.5 Ensure Databases are Encrypted with TDE	CIS Microsoft SQL Server 2022 v1.2.1 L2 Database Engine	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.5 Ensure Databases are Encrypted with TDE	CIS SQL Server 2017 Database L2 DB v1.3.0	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.1 Encrypt the Database	CIS IBM DB2 12.1 v1.0.0 Database Level 2	IBM_DB2DB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.1 Encrypt the Database	CIS IBM DB2 11 v1.2.0 Database Level 2	IBM_DB2DB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.19 Ensure Manager Application Passwords are Encrypted	CIS Apache Tomcat 10.1 v1.1.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.19 Ensure Manager Application Passwords are Encrypted	CIS Apache Tomcat 10 L1 v1.1.0 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search