Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of squashfs filesystems is disabledCIS SUSE Linux Enterprise 12 v3.1.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.11 Ensure separate partition exists for /var/tmpCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.17 Ensure separate partition exists for /homeCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2.5 Ensure valid certificate is set for browser-based administrator interface - CertificatesCIS Palo Alto Firewall 9 v1.1.0 L2Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.3 Ensure systemd Service Files Are EnabledCIS PostgreSQL 13 OS v1.2.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.3 Ensure authentication required for single user mode - emergency.serviceCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.2 Ensure GDM login banner is configured - banner message textCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.2 Ensure GDM login banner is configured - system-db:gdmCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.5.5 (L1) Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.7.2 Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.16 Ensure 'debug_print_parse' is disabled - debug_print_parse is disabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabledCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure IP forwarding is disabled - ipv4 sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.6 Ensure broadcast ICMP requests are ignored - sysctl.conf sysctl.dCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure legacy TLS protocols are disabledCIS MongoDB 5 L2 OS Linux v1.2.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1 Ensure legacy TLS protocols are disabledCIS MongoDB 6 L2 OS Linux v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive administrative privileges are revokedCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.7 Make use of predefined rolesCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.20 Ensure SSH AllowTcpForwarding is disabledCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.10 Ensure SSH IgnoreRhosts is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1 Configure Image Provenance using image controller configuration parametersCIS RedHat OpenShift Container Platform v1.6.0 L2OpenShift

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.11 Ensure no unowned files or directories existCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.3 Ensure that the Certificate used for Decryption is TrustedCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

10.1 SN.1 Restrict access to suspend featureCIS Oracle Solaris 11.4 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.3 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.3 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.4 (L1) Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.5 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.7 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.27.1 Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.33.6.3 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (on battery)' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION