Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.2 Ensure 'SQLNET.CRYPTO_CHECKSUM_SERVER' Is Set to 'REQUIRED'CIS Oracle Server 18c Linux v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.2 Ensure 'SQLNET.CRYPTO_CHECKSUM_SERVER' Is Set to 'REQUIRED'CIS Oracle Server 19c Linux v1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 (L1) Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 (L1) Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Ensure the TLSv1.0 and TLSv1.1 Protocols are DisabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.10 Ensure Weak SSL/TLS Ciphers Are DisabledCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.65.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.65.3.9.3 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' - Enabled: High LevelCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Limit SSH to FIPS 140 Validated CiphersNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000650 - The Cisco ASA VPN remote access server must be configured to use AES256 or greater encryption for the IPsec security association to protect the confidentiality of remote access sessions - AES encryption for the IPsec security association to protect the confidentiality of remote access sessions.DISA STIG Cisco ASA VPN v2r1Cisco

ACCESS CONTROL

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated CiphersNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Limit SSH to FIPS 140 Validated Message Authentication Code AlgorithmsNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-000170 - The Kubernetes API Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination.DISA STIG Kubernetes v2r1Unix

ACCESS CONTROL

EDGE-00-000046 - Edge must be configured to allow only TLS.DISA STIG Edge v2r1Windows

ACCESS CONTROL

EX19-ED-000006 SchUseStrongCrypto must be enabled.DISA Microsoft Exchange 2019 Edge Server STIG v2r1Windows

ACCESS CONTROL

FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above.DISA STIG Mozilla Firefox Linux v6r5Unix

ACCESS CONTROL

OL08-00-010295 - The OL 8 operating system must implement DoD-approved TLS encryption in the GnuTLS package.DISA Oracle Linux 8 STIG v2r1Unix

ACCESS CONTROL

RHEL-08-010287 - The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.DISA Red Hat Enterprise Linux 8 STIG v2r1Unix

ACCESS CONTROL

RHEL-08-010293 - The RHEL 8 operating system must implement DoD-approved encryption in the OpenSSL package.DISA Red Hat Enterprise Linux 8 STIG v2r1Unix

ACCESS CONTROL

RHEL-09-255060 - RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH client connections.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

ACCESS CONTROL

RHEL-09-672035 - RHEL 9 must implement DOD-approved encryption in the OpenSSL package.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

ACCESS CONTROL

SLES-12-030270 - The SUSE operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.DISA SLES 12 STIG v2r13Unix

ACCESS CONTROL

WBSP-AS-000190 - The WebSphere Application Server security cookies must be set to HTTPOnly.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL

WBSP-AS-000190 - The WebSphere Application Server security cookies must be set to HTTPOnly.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL