Item Search

Name	Audit Name	Plugin	Category
1.1.18 Ensure sticky bit is set on all world-writable directories	CIS Amazon Linux 2 v1.0.0 L1	Unix	ACCESS CONTROL
1.1.20 Ensure sticky bit is set on all world-writable directories	CIS Ubuntu Linux 16.04 LTS Workstation L1 v1.1.0	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Oracle Linux 8 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS CentOS 6 Workstation L1 v2.1.0	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Oracle Linux 6 Workstation L1 v1.1.0	Unix	ACCESS CONTROL
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Red Hat 6 Server L1 v2.1.0	Unix	ACCESS CONTROL
1.3.1 Ensure sudo is installed	CIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0	Unix	ACCESS CONTROL
1.3.2 Ensure sudo commands use pty	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
1.3.2 Ensure sudo commands use pty	CIS CentOS Linux 8 Server L1 v1.0.0	Unix	ACCESS CONTROL
1.3.2 Ensure sudo commands use pty	CIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0	Unix	ACCESS CONTROL
1.3.2 Ensure sudo commands use pty	CIS Oracle Linux 8 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - 'Mode from config file'	CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - 'Mode from config file'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.4 Ensure no unconfined daemons exist	CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.4 Ensure no unconfined daemons exist	CIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.6 Ensure no unconfined daemons exist	CIS Oracle Linux 6 Server L2 v1.1.0	Unix	ACCESS CONTROL
1.6.1.6 Ensure no unconfined daemons exist	CIS Red Hat 6 Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'	CIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'profiles loaded'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'unconfined processes'	CIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0	Unix	ACCESS CONTROL
1.7.1.2 Ensure SELinux is not disabled in bootloader configuration	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - processes unconfined	CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - unconfined	CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured	CIS Oracle Linux 8 Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured - /etc/selinux/config	CIS CentOS Linux 8 Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured - sestatus	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux state is enforcing	CIS Oracle Linux 8 Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux state is enforcing	CIS Red Hat EL8 Server L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux state is enforcing	CIS Red Hat EL8 Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux state is enforcing - /etc/selinux/config	CIS CentOS Linux 8 Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux state is enforcing - Current mode: enforcing	CIS CentOS Linux 8 Server L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - /etc/selinux/config	CIS Red Hat EL7 Workstation L2 v3.0.1	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - config	CIS Oracle Linux 7 Server L2 v3.0.0	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - config	CIS Oracle Linux 7 Workstation L2 v3.0.0	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - getenforce	CIS Red Hat EL7 Workstation L2 v3.0.1	Unix	ACCESS CONTROL
1.7.1.6 Ensure no unconfined services exist	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
3.5.2.11 Ensure nftables rules are permanent	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
5.2 Ensure SELinux security options are set, if applicable	CIS Docker Community Edition v1.1.0 L2 Docker	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrc	CIS Red Hat 6 Workstation L1 v2.1.0	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile	CIS CentOS 6 Server L1 v2.1.0	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile	CIS Oracle Linux 6 Server L1 v1.1.0	Unix	ACCESS CONTROL
5.4.5 Ensure default user umask is configured - System Wide default	CIS SUSE Linux Enterprise 15 Server L1 v1.0.0	Unix	ACCESS CONTROL
5.4.5 Ensure default user umask is configured - System Wide default	CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.5 Use a separate timestamp for each user/tty combo	CIS Apple macOS 10.15 v1.3.0 L1	Unix	ACCESS CONTROL
10.17 Setting Security Lifecycle Listener - check for umask present in startup	CIS Apache Tomcat 9 L1 v1.0.0 Middleware	Unix	ACCESS CONTROL
10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup	CIS Apache Tomcat 9 L1 v1.0.0 Middleware	Unix	ACCESS CONTROL
Ensure no unconfined daemons exist	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	ACCESS CONTROL

Detections

Analytics

Item Search