Item Search

Name	Audit Name	Plugin	Category
1.1.3 Ensure 'Allow remote users to interact with elevated windows in remote assistance sessions' is set to 'Disabled'.	CIS Google Chrome L1 v2.0.0	Windows	CONFIGURATION MANAGEMENT
1.2.1 Set 'privilege 1' for local users - 'All users have encrypted passwords'	CIS Cisco IOS 15 L1 v4.1.0	Cisco
1.2.1 Set 'privilege 1' for local users - 'No users with privileges 2-15'	CIS Cisco IOS 15 L1 v4.1.0	Cisco
1.2.15 Ensure that the admission control plugin NamespaceLifecycle is set	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
1.2.16 Ensure that the admission control plugin PodSecurityPolicy is set	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
1.2.17 Ensure that the admission control plugin NodeRestriction is set	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
1.3.1 Ensure sudo is installed	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
1.3.1 Ensure sudo is installed	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriate	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
1.3.2 Ensure sudo commands use pty	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	ACCESS CONTROL
1.3.2 Ensure that the --profiling argument is set to false	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
1.3.3 Ensure that the --use-service-account-credentials argument is set to true	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
1.11 Ensure that Separation of duties is enforced while assigning KMS related roles to users	CIS Google Cloud Platform v1.1.0 L2	GCP
1.15 Ensure that 'Restrict access to Azure AD administration portal' is set to 'Yes'	CIS Microsoft Azure Foundations v1.3.1 L1	microsoft_azure
1.16 Ensure IAM policies that allow full ':' administrative privileges are not attached	CIS Amazon Web Services Foundations L1 2.0.0	amazon_aws
1.16 Ensure IAM policies that allow full ':' administrative privileges are not attached - : administrative privileges are not attached	CIS Amazon Web Services Foundations L1 1.4.0	amazon_aws
1.21 Ensure that no custom subscription owner roles are created - Action Types	CIS Microsoft Azure Foundations v1.3.1 L2	microsoft_azure
1.21 Ensure that no custom subscription owner roles are created - Assignable Scope	CIS Microsoft Azure Foundations v1.3.1 L2	microsoft_azure
2.2 Ensure that the --client-cert-auth argument is set to true	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
2.4 Ensure Docker is allowed to make changes to iptables - daemon.json	CIS Docker v1.3.1 L1 Docker Linux	Unix
2.6 Ensure that the --peer-auto-tls argument is not set to true	CIS Kubernetes Benchmark v1.6.1 L1 Master	Unix
2.14 Ensure containers are restricted from acquiring new privileges	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.1 Ensure that the docker.service file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.3 Ensure that docker.socket file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.5 Ensure that the /etc/docker directory ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.7 Ensure that registry certificate file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.13 Ensure that the Docker server certificate key file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.15 Ensure that the Docker socket file ownership is set to root:docker	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.17 Ensure that the daemon.json file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.19 Ensure that the /etc/default/docker file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
3.21 Ensure that the /etc/sysconfig/docker file ownership is set to root:root	CIS Docker v1.3.1 L1 Docker Linux	Unix
4.1 Ensure that a user for the container has been created	CIS Docker v1.3.1 L1 Docker Linux	Unix
4.8 Ensure setuid and setgid permissions are removed	CIS Docker v1.3.1 L2 Docker Linux	Unix
5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master	Unix	IDENTIFICATION AND AUTHENTICATION
5.2 Ensure SNMPv1/2 are set to Read Only	CIS Juniper OS Benchmark v2.0.0 L1	Juniper	ACCESS CONTROL
5.2 Ensure SNMPv1/2 are set to Read Only	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	ACCESS CONTROL
5.5 Ensure SNMP Write Access is not set	CIS Juniper OS Benchmark v2.0.0 L2	Juniper	CONFIGURATION MANAGEMENT
5.8.3 Ensure Legacy Authorization (ABAC) is Disabled	CIS Google Kubernetes Engine (GKE) v1.5.0 L1	GCP
5.8.4 Ensure Legacy Authorization (ABAC) is Disabled	CIS Google Kubernetes Engine (GKE) v1.4.0 L1	GCP
5.8.4 Ensure Legacy Authorization (ABAC) is Disabled	CIS Google Kubernetes Engine (GKE) v1.1.0 L1 Master	GCP
5.8.4 Ensure Legacy Authorization (ABAC) is Disabled	CIS Google Kubernetes Engine (GKE) v1.3.0 L1	GCP
5.22 Ensure that docker exec commands are not used with the privileged option	CIS Docker v1.3.1 L2 Docker Linux	Unix
5.23 Ensure that docker exec commands are not used with the user=root option	CIS Docker v1.3.1 L2 Docker Linux	Unix
5.25 Ensure that the container is restricted from acquiring additional privileges	CIS Docker v1.3.1 L1 Docker Linux	Unix
5.31 Ensure that the Docker socket is not mounted inside any containers	CIS Docker v1.3.1 L1 Docker Linux	Unix
6.1.2 Create baseline of executables that require a specific group for elevation to a different EUID (not scored)	CIS IBM AIX 7.2 L2 v1.1.0	Unix	ACCESS CONTROL
6.4 Restrict root Login to System Console	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	ACCESS CONTROL
6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid'	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	ACCESS CONTROL
6.11.4 Ensure Console Port is Set as Insecure	CIS Juniper OS Benchmark v2.1.0 L2	Juniper	ACCESS CONTROL
8.5 Enable role-based access control (RBAC) within Azure Kubernetes Services	CIS Microsoft Azure Foundations v1.3.1 L1	microsoft_azure

Detections

Analytics

Item Search