Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 (L1) Ensure the ESXi host firewall is configured to restrict access to services running on the hostCIS VMware ESXi 7.0 v1.4.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure nftables is installedCIS Oracle Linux 8 Server L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.2 Ensure a single firewall configuration utility is in useCIS Oracle Linux 8 Server L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.3 Ensure ufw service is enabledCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure firewalld is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.3 Ensure firewalld drops unnecessary services and portsCIS Oracle Linux 8 Server L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure a nftables table existsCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure network interfaces are assigned to appropriate zoneCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3 Ensure an nftables table existsCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.4 Ensure iptables default deny firewall policyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.1 Ensure ip6tables loopback traffic is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.2 Ensure ip6tables outbound and established connections are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure firewalld service is enabled and runningCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure firewalld service is enabled and runningCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.5 Ensure network interfaces are assigned to appropriate zoneCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.6 Ensure unnecessary services and ports are not acceptedCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure nftables is installedCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.3 Ensure iptables are flushedCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure a table existsCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure loopback traffic is configuredCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.9 Ensure nftables service is enabledCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure default deny firewall policyCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.3 Ensure outbound and established connections are configuredCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.1 Ensure IPv6 default deny firewall policyCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.3 Ensure IPv6 outbound and established connections are configuredCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - OUTPUTCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1 Ensure a single firewall configuration utility is in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1 Ensure nftables is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld drops unnecessary services and portsCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure firewalld loopback traffic is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.2 Ensure iptables-persistent is not installed with ufwCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure nftables base chains existCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure nftables base chains existCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.1 Ensure nftables is installedCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure iptables are flushed with nftablesCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure nftables default deny firewall policyCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3 Ensure nftables default deny firewall policyCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.4 Ensure nftables loopback traffic is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.5 Ensure nftables base chains existCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.5 Ensure nftables base chains existCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.8 Ensure nftables default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.8 Ensure nftables default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.1.1 Ensure iptables packages are installedCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.1.2 Ensure nftables is not in use with iptablesCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.2 Ensure ip6tables loopback traffic is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.7 (L1) Host should reject MAC address changes on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.1.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.1.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 (L1) Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 7.0 v1.4.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.2 SN.2 Remove Support for Internet Services (inetd)CIS Oracle Solaris 11.4 L2 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION