Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of squashfs filesystems is disabledCIS SUSE Linux Enterprise 12 v3.1.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.3 Ensure mounting of FAT filesystems is limitedCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.11 Ensure separate partition exists for /var/tmpCIS SUSE Linux Enterprise 12 v3.1.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.11 Ensure separate partition exists for /var/tmpCIS SUSE Linux Enterprise 12 v3.1.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.17 Ensure separate partition exists for /homeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.17 Ensure separate partition exists for /homeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2 Ensure systemd Service Files Are EnabledCIS PostgreSQL 12 OS v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2 Ensure systemd Service Files Are EnabledCIS PostgreSQL 16 OS v1.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3 Ensure systemd Service Files Are EnabledCIS PostgreSQL 14 OS v 1.2.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higherCIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.10 (L1) Host must restrict inter-VM transparent page sharingCIS VMware ESXi 8.0 v1.1.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Ensure the 'sa' Login Account has been renamedCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Ensure the 'sa' Login Account has been renamedCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Ensure the 'sa' Login Account has been renamedCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.15 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.16 Ensure 'debug_print_parse' is disabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabledCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.17 Ensure 'debug_print_rewritten' is disabled - debug_print_rewritten is disabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.23 Ensure 'log_hostname' is set correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved (recommended)' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v3.0.1 L2Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.10.25.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.20 Ensure SSH AllowTcpForwarding is disabledCIS SUSE Linux Enterprise 12 v3.1.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.10 Ensure SSH IgnoreRhosts is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.11 Ensure SSH HostbasedAuthentication is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR AssembliesCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.9 Ensure root is the only UID 0 accountCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.5.1 Ensure VM limits are configured correctly - CPU Share LevelCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 (L1) Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.6 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.7 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.7 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.7 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.33.6.4 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.33.6.4 (L1) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

45.7 (L1) Ensure 'Interactive logon: Do not display last signed-in' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

45.23 (L1) Ensure 'Network Security: Allow PKU2U authentication requests' is set to 'Block'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION