Item Search

NameAudit NamePluginCategory
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.14 Ensure that the default administrative credential file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictiveCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.8.2 Set username secret for all local usersCIS Cisco IOS XR 7.x v1.0.0 L1Cisco

ACCESS CONTROL

3.5 Ensure that the /etc/docker directory ownership is set to root:rootCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - clusterAdminCIS MongoDB 3.2 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - clusterAdminCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - readWriteAnyDatabaseCIS MongoDB 3.2 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - readWriteAnyDatabaseCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - userAdminCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.9 Ensure that TLS CA certificate file ownership is set to root:rootCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL

3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in AccountsCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL

3.22 Ensure that the /etc/sysconfig/docker file ownership is set to root:rootCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.1.6 Avoid use of system:masters groupCIS Google Kubernetes Engine (GKE) v1.6.1 L1GCP

ACCESS CONTROL

4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.7 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Google Kubernetes Engine (GKE) v1.6.1 L1GCP

ACCESS CONTROL

4.1.8 Ensure that the client certificate authorities file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

5.1.7 Avoid use of system:masters groupCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

5.2.2 Minimize the admission of privileged containersCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for privilege escalationCIS Debian Linux 12 v1.1.0 L2 ServerUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Minimize the admission of containers with allowPrivilegeEscalationCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.10.0 L2 MasterUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.24 Benchmark v1.0.0 L2 MasterUnix

ACCESS CONTROL

5.24 Ensure that docker exec commands are not used with the user=root optionCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL

6.1.1 Ensure sudo is installedCIS IBM AIX 7 v1.0.0 L2Unix

ACCESS CONTROL

6.2.2 Ensure at.allow is configuredCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL

6.2.4 Ensure cron.allow is configuredCIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL

6.3.1 Privilege escalation: sudoCIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL

6.4 Adding authorized users in at.allowCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

6.6 Adding authorized users in cron.allowCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 7 L2 v1.1.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 7 L2 v1.1.0 MiddlewareUnix

ACCESS CONTROL