Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure the Pre-Installation Planning Checklist Has Been ImplementedCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix
1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.3.1 Ensure 'Minimum Password Complexity' is enabledCIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

IDENTIFICATION AND AUTHENTICATION

1.7.8 Ensure GDM autorun-never is enabledCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

MEDIA PROTECTION

1.7.8 Ensure GDM autorun-never is enabledCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

MEDIA PROTECTION

1.8 Ensure 'Attachment Filtering Agent' is configuredCIS Microsoft Exchange Server 2019 L1 Edge v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.25 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

2.2.25 Ensure 'Deny log on as a batch job' to include 'Guests' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.2.26 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.2.27 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.2.27 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

ACCESS CONTROL

2.2.28 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

2.2.28 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

2.2.29 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.2.31 Ensure 'Deny log on locally' to include 'Guests, Enterprise Admins group, and Domain Admins group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

2.2.46 Ensure 'Manage auditing and security log' is set to 'Administrators' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

3.1 Ensure detailed logging is enabledCIS NGINX Benchmark v2.1.0 L1 WebserverUnix

AUDIT AND ACCOUNTABILITY

3.1 Ensure detailed logging is enabledCIS NGINX Benchmark v2.1.0 L1 LoadbalancerUnix

AUDIT AND ACCOUNTABILITY

3.4 Ensure Auto-Scaling Launch Configuration for App-Tier is configured to use an approved Amazon Machine ImageCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

4.1.2.1 Ensure local user Home directories existsCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.2.5 Ensure access to /etc/security is configuredCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.7.1.5 SECURITY Subsystems: /etc/securityCIS IBM AIX 7.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.2 Configuring syslog - remote logging - *.info;auth.none in /etc/syslog.confCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1.2 Configuring syslog - remote logging - auth.info in /etc/syslog.confCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

7.2.2 Ensure syslog is configured to send logs to a remote log hostCIS IBM AIX 7 v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

7.2.10 Ensure reauthentication with verification code is restrictedCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

CONFIGURATION MANAGEMENT

8.1.2 Configuring syslog - remote loggingCIS IBM AIX 7.2 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

17.4.4 Ensure 'Audit Directory Service Changes' is set to include 'Success and Failure' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND INFORMATION INTEGRITY

Check that log-opts:max-size is set since max-file is only effective if max-size is also set.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
Check to see if docker.service file exist. It is NOT a finding if it does not exist.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
Check to see if docker.socket file exist. It is NOT a finding if it does not exist.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
Check to see if we are using CentOS.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
Check to see if we are using Ubuntu.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
CIS Control 1 (1.6) Ensure that unauthorized assets are removed, quarantined or the inventory is updatedCAS Implementation Group 1 Audit FileUnix

CONFIGURATION MANAGEMENT

CIS_Cisco_Firewall_v8.x_Level_1_v4.2.0.audit for Cisco Firewall v8.x from CIS Cisco Firewall v8.x Benchmark v4.2.0CIS Cisco Firewall v8.x L1 v4.2.0Cisco
DKER-EE-001000 - The Docker Enterprise Per User Limit Login Session Control in the Universal Control Plane (UCP) Admin Settings must be set to an organization-defined value for all accounts and/or account types.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

ACCESS CONTROL

DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - lifetime_minutesDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - renewal_threshold_minutesDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Ensure Userland Proxy is Disabled - daemon.jsonDISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix
VCWN-65-000057 - The vCenter Server for Windows must enable TLS 1.2 exclusively.DISA STIG VMware vSphere vCenter 6.5 v2r3VMware

CONFIGURATION MANAGEMENT