Item Search

NameAudit NamePluginCategory
1.1.3.17.7 Set 'User Account Control: Switch to the secure desktop when prompting for elevation' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2.27 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.2.29 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.2.30 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.2.46 Ensure 'Manage auditing and security log' is set to 'Administrators' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

3.1.3.2 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

ACCESS CONTROL

4.1.6 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.4.7 Ensure minimum and maximum requirements are set for password changes - maxrepeatCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.018 - Windows Messenger (MSN Messenger, .NET messenger) is run at system startup.DISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

5.140 - The HBSS McAfee Agent is not installed. - FrameworkServiceDISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

5.140 - The HBSS McAfee Agent is not installed. - masvcDISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

7.1 Ensure that the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 6.5 v1.0.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Set Strong Password Creation Policies - DICTIONDBDIR = /var/passwdCIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MAXREPEATS = 0CIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MAXREPEATS = 0CIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINDIFF = 3CIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINDIFF = 3CIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINUPPER = 1CIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - WHITESPACE = yesCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - WHITESPACE = yesCIS Solaris 11 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

ACCESS CONTROL

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL

18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL

18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

CONFIGURATION MANAGEMENT

18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Access control listsArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-18-015500 - Apple iOS/iPadOS 18 must disable the download of iOS/iPadOS beta updates.AirWatch - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-18-015500 - Apple iOS/iPadOS 18 must disable the download of iOS/iPadOS beta updates.MobileIron - DISA Apple iOS/iPadOS 18 v1r1MDM

CONFIGURATION MANAGEMENT

Brocade - root account is enabled with root role assignedTenable Best Practices Brocade FabricOSBrocade

ACCESS CONTROL

CISC-ND-000250 - The Cisco router must be configured to generate audit records when successful/unsuccessful attempts to logon with access privileges occur.DISA STIG Cisco IOS-XR Router NDM v3r2Cisco

AUDIT AND ACCOUNTABILITY

Console inactivity timerArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

ACCESS CONTROL

DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
GEN003619 - The system must not be configured for network bridging.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

HP ProCurve - 'Disable TFTP client'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT

HP ProCurve - 'Disable TFTP server'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT

HP ProCurve - 'Enable DHCP snooping'TNS HP ProCurveHPProCurve

SYSTEM AND COMMUNICATIONS PROTECTION

HP ProCurve - 'Enable SNMPv3'TNS HP ProCurveHPProCurve

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

SNMP Destination - Community NameTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

SNMPv1 and v2c vs SNMPv3 - snmpv3 enableArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

SQL6-D0-004300 - SQL Server must be configured to generate audit records for DoD-defined auditable events within all DBMS/database components.DISA STIG SQL Server 2016 Instance DB Audit v3r2MS_SQLDB

AUDIT AND ACCOUNTABILITY

Syslog - Local File Destination - Admin StateTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Syslog - Local File Destination - SeverityTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

Syslog - Show MilliSeconds in TimestampTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY