Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3 Ensure that the --kubelet-https argument is set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.1 Ensure crypto-policies-scripts package is installedCIS SUSE Linux Enterprise 15 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy is not set in sshd configurationCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy is not set in sshd configurationCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy is not set in sshd configurationCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.9 Ensure 'External send connector authentication: IgnoreStartTLS' is set to 'False'CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Do Not Specify Passwords in Command LineCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Do Not Specify Passwords in Command LineCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5 Ensure 'Enable S/MIME for OWA' is set to 'True'CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.6 Ensure 'Require client MAPI encryption' is set to 'True'CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriateCIS RedHat OpenShift Container Platform v1.6.0 L1OpenShift

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.5 Ensure only encrypted access channels are enabledCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure 'log_error' Has Appropriate PermissionsCIS MySQL 8.0 Community Linux OS L1 v1.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure 'log_error' Has Appropriate PermissionsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.12 Ensure session resumption is disabled to enable perfect forward securityCIS NGINX Benchmark v2.1.0 L2 LoadbalancerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure 'trustDefaultCerts' is set to 'false'CIS IBM WebSphere Liberty v1.0.0 L2Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.11 Verify that the RotateKubeletServerCertificate argument is set to trueCIS RedHat OpenShift Container Platform v1.6.0 L2OpenShift

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.12 Ensure `httpPort` attribute set to `-1`CIS IBM WebSphere Liberty v1.0.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.22 Ensure sshd crypto_policy is not setCIS Red Hat EL8 Workstation L1 v3.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.22 Ensure sshd crypto_policy is not setCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.22 Ensure sshd crypto_policy is not setCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3 Database Manager Configuration Parameter: ALTERNATE_AUTH_ENCCIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3 Database Manager Configuration Parameter: ALTERNATE_AUTH_ENCCIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure SSLEnabled is set to True for Sensitive ConnectorsCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure SSLEnabled is set to True for Sensitive ConnectorsCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to trueCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.6 Ensure 'AlgorithmSuite' is set to that strong algorithms for signing and encrypting messages with WS-Security policyCIS IBM WebSphere Liberty v1.0.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure 'secure_auth' is Set to 'ON' - ONCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure Network Encryption is Configured and EnabledCIS Microsoft SQL Server 2019 v1.4.0 L2 Database EngineMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure Network Encryption is Configured and EnabledCIS SQL Server 2016 Database L2 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure WAL archiving is configured and functionalCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure WAL archiving is configured and functional - archive_commandCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.6 Ensure TLS 1.2 is EnabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure 'require_secure_transport' is Set to 'ON' and/or 'have_ssl' is Set to 'YES'CIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure 'require_secure_transport' is Set to 'ON' and/or 'have_ssl' is Set to 'YES'CIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure 'require_secure_transport' is Set to 'ON' and/or 'have_ssl' is Set to 'YES'CIS MySQL 8.0 Enterprise Database L1 v1.3.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1.11 Enable Remote TLS Connections to Db2 (DB2COMM)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8.1.11 Enable Remote TLS Connections to Db2 (DB2COMM)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic Is SecuredCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic is SecuredCIS MySQL 8.0 Enterprise Database L1 v1.3.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic is SecuredCIS MySQL 5.7 Community Database L1 v2.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic Is SecuredCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic Is SecuredCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic is SecuredCIS MySQL 5.7 Community Linux OS L1 v2.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure Replication Traffic Is SecuredCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.1 Ensure All Group Replication Traffic is SecuredCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

10.4 Force SSL when accessing the manager application via HTTPCIS Apache Tomcat 10.1 v1.0.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION