Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.20 Ensure sticky bit is set on all world-writable directoriesCIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0Unix

ACCESS CONTROL

1.1.21 Ensure sticky bit is set on all world-writable directoriesCIS Oracle Linux 8 Server L1 v1.0.0Unix

ACCESS CONTROL

1.1.22 Ensure sticky bit is set on all world-writable directoriesCIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure filesystem integrity is regularly checkedCIS CentOS 7 v3.1.1 Workstation L1Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Red Hat EL7 Workstation L1 v3.0.1Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Oracle Linux 8 Server L1 v1.0.0Unix

ACCESS CONTROL

1.6.1.1 Ensure SELinux is not disabled in bootloader configurationCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcingCIS Amazon Linux v2.1.0 L2Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcingCIS Amazon Linux 2 v1.0.0 L2Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcingCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcingCIS Red Hat 6 Workstation L2 v2.1.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0Unix

ACCESS CONTROL

1.6.1.3 Ensure SELinux policy is configuredCIS Amazon Linux 2 v1.0.0 L2Unix

ACCESS CONTROL

1.6.1.4 Ensure no unconfined daemons existCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

ACCESS CONTROL

1.6.1.6 Ensure no unconfined daemons existCIS CentOS 6 Server L2 v2.1.0Unix

ACCESS CONTROL

1.6.1.6 Ensure no unconfined daemons existCIS CentOS 6 Workstation L2 v2.1.0Unix

ACCESS CONTROL

1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

ACCESS CONTROL

1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'profiles loaded'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

ACCESS CONTROL

1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'unconfined processes'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

ACCESS CONTROL

1.7.1.2 Ensure SELinux is not disabled in bootloader configurationCIS CentOS Linux 8 Server L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Red Hat EL8 Server L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - profiles loadedCIS SUSE Linux Enterprise 15 Server L1 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configuredCIS Red Hat EL8 Server L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configuredCIS Oracle Linux 8 Server L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configuredCIS Red Hat EL8 Workstation L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configured - /etc/selinux/configCIS Red Hat EL7 Workstation L1 v3.0.1Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configured - /etc/selinux/configCIS CentOS Linux 8 Server L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configured - sestatusCIS CentOS Linux 8 Server L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure SELinux policy is configured - sestatusCIS Red Hat EL7 Workstation L1 v3.0.1Unix

ACCESS CONTROL

1.7.1.4 Ensure all AppArmor Profiles are enforcing - profiles complainCIS SUSE Linux Enterprise 15 Workstation L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure the SELinux mode is enforcing or permissive - getenforceCIS Red Hat EL7 Workstation L1 v3.0.1Unix

ACCESS CONTROL

1.7.1.4 Ensure the SELinux state is enforcing - Current mode: enforcingCIS CentOS Linux 8 Workstation L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure the SELinux state is enforcing - SELinux status: enabledCIS CentOS Linux 8 Workstation L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.5 Ensure no unconfined services existCIS CentOS Linux 8 Workstation L2 v1.0.0Unix

ACCESS CONTROL

3.4.3.8 Ensure nftables rules are permanentCIS CentOS Linux 8 Workstation L1 v1.0.0Unix

ACCESS CONTROL

3.4.3.8 Ensure nftables rules are permanentCIS CentOS Linux 8 Server L1 v1.0.0Unix

ACCESS CONTROL

5.3 Reduce the sudo timeout periodCIS Apple macOS 10.14 v1.3.0 L1Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'CIS Ubuntu Linux 16.04 LTS Workstation L1 v1.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrcCIS Red Hat 6 Server L1 v2.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrcCIS Amazon Linux 2 v1.0.0 L1Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrcCIS CentOS 6 Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileCIS CentOS 6 Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileCIS Red Hat 6 Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileCIS Amazon Linux 2 v1.0.0 L1Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.d/*.shCIS Ubuntu Linux 16.04 LTS Workstation L1 v1.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile.d/*CIS CentOS 6 Server L1 v2.1.0Unix

ACCESS CONTROL

5.4.5 Ensure default user umask is configured - profilesCIS SUSE Linux Enterprise 15 Server L1 v1.0.0Unix

ACCESS CONTROL

5.5 Use a separate timestamp for each user/tty comboCIS Apple macOS 10.14 v1.3.0 L1Unix

ACCESS CONTROL

5.5 Use a separate timestamp for each user/tty comboCIS Apple macOS 11 v1.1.0 L1Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 9 L1 v1.0.0Unix

ACCESS CONTROL