Item Search

NameAudit NamePluginCategory
1.12 Ensure Maximum number of failed attempts allowed is set to 5 or fewerCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

3.1.3 - MobileIron - Set the 'minimum password length'MobileIron - CIS Apple iOS 8 v1.0.0 L1MDM

IDENTIFICATION AND AUTHENTICATION

3.1.3 - MobileIron - Set the 'minimum password length'MobileIron - CIS Apple iOS 9 v1.0.0 L1MDM

IDENTIFICATION AND AUTHENTICATION

3.3.2.2 Set 'ip ospf message-digest-key md5'CIS Cisco IOS 15 L2 v4.1.1Cisco

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2 Configure CDPCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.2 Ensure password reuse is limitedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure password reuse is limitedCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure password reuse is limitedCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.4 Ensure password reuse is limitedCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

5.4.4 Ensure password reuse is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.4 Ensure password reuse is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.14 Ensure Browser Framing Is RestrictedCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS 12 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 13 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 14 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 16 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 16 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.AirWatch - DISA Apple iOS/iPadOS 17 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.MobileIron - DISA Apple iOS/iPadOS 17 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Internet ZoneMSCT Windows 10 v21H1 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Internet ZoneMSCT Windows Server 2019 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Internet ZoneMSCT Windows 11 v22H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Internet ZoneMSCT Windows 11 v24H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT Windows 10 1903 v1.19.9Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT MSCT Windows Server 2022 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT Windows Server v20H2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT Windows Server 2025 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Big Sur - Enforce Session Lock After Screen Saver is StartedNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

ACCESS CONTROL

Big Sur - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION

Big Sur - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Enforce Session Lock After Screen Saver is StartedNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL

Catalina - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

IDENTIFICATION AND AUTHENTICATION

Catalina - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION

CIS_Red_Hat_EL5_v2.2.1_L1.audit from Red Hat Enterprise Linux 5 BenchmarkCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix
CIS_Red_Hat_EL5_v2.2.1_L2.audit from Red Hat Enterprise Linux 5 BenchmarkCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix
CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer.DISA STIG Cisco IOS Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000560 - The Cisco BGP router must be configured to use the maximum prefixes feature to protect against route table flooding and prefix de-aggregation attacks.DISA STIG Cisco IOS Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

IDENTIFICATION AND AUTHENTICATION

GEN003800 - Inetd or xinetd logging/tracing must be enabled.DISA STIG Solaris 10 X86 v2r4Unix

AUDIT AND ACCOUNTABILITY

MinSpareServers parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Prohibit Password Reuse for a Minimum of Five GenerationsNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION

Rackspace Database Backups - Every DB instance backed up since the last scan.Tenable Best Practices RackSpace v2.0.0Rackspace

CONTINGENCY PLANNING

VCENTER-000027 - The system must set a timeout for all thick-client logins without activity.DISA STIG VMWare ESXi vCenter 5 STIG v2r1VMware

CONFIGURATION MANAGEMENT