Item Search

NameAudit NamePluginCategory
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountCIS Microsoft SharePoint 2016 OS v1.1.0Windows

CONFIGURATION MANAGEMENT

1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountCIS Microsoft SharePoint 2019 OS v1.0.0Windows

CONFIGURATION MANAGEMENT

1.1.3.17.7 Set 'User Account Control: Switch to the secure desktop when prompting for elevation' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.4.3 Ensure that the config file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.5 Ensure that the scheduler file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.5 Ensure that the scheduler pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.5 Ensure that the scheduler pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

1.4.6 Ensure that the scheduler file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.7 Ensure that the etcd pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.8 Ensure that the etcd.conf file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.13 Ensure that the admin.conf file permissions are set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

1.4.13 Ensure that the admin.conf file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.14 Ensure that the admin.conf file ownership is set to root:rootCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

1.4.15 Ensure that the scheduler.conf file permissions are set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

1.6.1 Ensure that the cluster-admin role is only used where requiredCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

CONFIGURATION MANAGEMENT

1.6.1 Ensure that the cluster-admin role is only used where requiredCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.7.1 Do not admit privileged containersCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

1.7.1.5 Ensure permissions on /etc/issue are configuredCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.7.1.6 Ensure permissions on /etc/issue.net are configuredCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.7.3 Do not admit containers wishing to share the host IPC namespaceCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

CONFIGURATION MANAGEMENT

1.7.4 Do not admit containers wishing to share the host network namespaceCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

1.7.6 Do not admit root containersCIS Kubernetes 1.11 Benchmark v1.3.0 L2Unix

CONFIGURATION MANAGEMENT

1.7.6 Do not admit root containersCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

1.7.7 Do not admit containers with dangerous capabilitiesCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

2.2.1 Ensure that the kubelet.conf file permissions are set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

2.2.2 Ensure that the kubelet.conf file ownership is set to root:rootCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.3 Ensure that the kubelet file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.3 Ensure that the kubelet service file permissions are set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

2.2.5 Ensure that the proxy file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.5 Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

2.2.6 Ensure that the proxy kubeconfig file ownership is set to root:rootCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.6 Ensure that the proxy kubeconfig file ownership is set to root:rootCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

2.2.8 Ensure that the client certificate authorities file ownership is set to root:rootCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

CONFIGURATION MANAGEMENT

2.5 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server - db_ownerCIS Microsoft SharePoint 2016 DB v1.1.0MS_SQLDB

ACCESS CONTROL

3.2.1.9 Ensure 'Allow Erase All Content and Settings' is set to 'Disabled'AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.3 Ensure that MongoDB is run using a non-privileged, dedicated service accountCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

3.17 Ensure that daemon.json file ownership is set to root:rootCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.1 Ensure device is not obviously jailbrokenAirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

4.1 Ensure device is not obviously jailbrokenMobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

4.1.12 Ensure use of privileged commands is collectedCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

5.1.7 Ensure permissions on /etc/cron.d are configuredCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server v20H2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Ensure access to the su command is restricted - wheel group contains rootTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure permissions on /etc/motd are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure shadow group is emptyTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL