Item Search

Name	Audit Name	Plugin	Category
1.6.1.1 Ensure SELinux or AppArmor are installed	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - 'SELinux status'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	ACCESS CONTROL
1.6.3 Ensure SELinux or AppArmor are installed	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	ACCESS CONTROL
1.6.3.2 Ensure all AppArmor Profiles are enforcing - 0 profiles are in complain mode	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	ACCESS CONTROL
1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - loaded	CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1	Unix	ACCESS CONTROL
1.7.1.3 Ensure SELinux policy is configured - /etc/selinux/config	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
1.7.1.4 Ensure all AppArmor Profiles are enforcing - profiles complain	CIS SUSE Linux Enterprise 15 Server L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure all AppArmor Profiles are enforcing - profiles loaded	CIS SUSE Linux Enterprise 15 Workstation L2 v1.0.0	Unix	ACCESS CONTROL
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - /etc/selinux/config	CIS Red Hat EL7 Server L1 v3.0.1	Unix	ACCESS CONTROL
1.7.1.5 Ensure the SELinux mode is enforcing - getenforce	CIS Red Hat EL7 Server L2 v3.0.1	Unix	ACCESS CONTROL
1.7.1.6 Ensure no unconfined services exist	CIS Red Hat EL7 Workstation L1 v3.0.1	Unix	ACCESS CONTROL
2.1 Ensure that authentication is enabled for Cassandra databases	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.2 Ensure that authorization is enabled for Cassandra databases	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.4 Set root Ownership of BIND Directories	CIS BIND DNS v1.0.0 L1 Authoritative Name Server	Unix	ACCESS CONTROL
2.8 Set Other Permissions Read-Only for All BIND Directories and Files - files	CIS BIND DNS v1.0.0 L1 Authoritative Name Server	Unix	ACCESS CONTROL
2.9 Isolate BIND with chroot'ed Subdirectory	CIS BIND DNS v1.0.0 L2 Authoritative Name Server	Unix	ACCESS CONTROL
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'apache account is configured'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
3.1 Ensure the Apache Web Server Runs As a Non-Root User - 'httpd.conf Group = apache'	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	ACCESS CONTROL
3.3 Restrict Query Origins	CIS BIND DNS v1.0.0 L1 Caching Only Name Server	Unix	ACCESS CONTROL
3.4 Ensure Apache Directories and Files Are Owned By Root	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	ACCESS CONTROL
3.5.2.11 Ensure nftables rules are permanent	CIS Red Hat EL7 Workstation L1 v3.0.1	Unix	ACCESS CONTROL
3.6 Ensure Other Write Access on Apache Directories and Files Is Restricted	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
3.9 Secure the Pid File - 'PidFile directory'	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
3.9 Secure the Pid File - 'PidFile directory'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly Restricted	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Deny = from all	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Require directives exist'	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	ACCESS CONTROL
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Require all denied	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured'	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Deny is configured'	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Order Deny,Allow'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
4.2 Ensure Appropriate Access to Web Content Is Allowed - 'Require is configured'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
4.4 Ensure OverRide Is Disabled for All Directories	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.4 Restrict Access to All Key Files - group root/named	CIS BIND DNS v1.0.0 L1 Caching Only Name Server	Unix	ACCESS CONTROL
4.4 Restrict Access to All Key Files - user root/named	CIS BIND DNS v1.0.0 L1 Authoritative Name Server	Unix	ACCESS CONTROL
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'	CIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrc	CIS Amazon Linux v2.1.0 L1	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.d/*.sh	CIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0	Unix	ACCESS CONTROL
6.1.1 Audit system file permissions	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	ACCESS CONTROL
7.3 Ensure the Server's Private Key Is Protected	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
7.3 Ensure the Server's Private Key Is Protected	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	ACCESS CONTROL
8.1 Ensure ServerTokens is Set to 'Prod' or 'ProductOnly'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
11.2 Ensure Apache Processes Run in the httpd_t Confined Context - apachectl	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	ACCESS CONTROL
18.9.59.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
19.7.26.1 (L1) Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL

Detections

Analytics

Item Search