Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure only trusted users are allowed to control Docker daemonCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.6.1.9 Ensure non-privileged users are prevented from executing privileged functionsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.16 Ensure IAM policies that allow full '*:*' administrative privileges are not attachedCIS Amazon Web Services Foundations L1 3.0.0amazon_aws

ACCESS CONTROL, MEDIA PROTECTION

2.1 Run the Docker daemon as a non-root user, if possibleCIS Docker v1.6.0 L1 Docker LinuxUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.4 Ensure Docker is allowed to make changes to iptables - daemon.jsonCIS Docker v1.6.0 L1 Docker LinuxUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure Docker is allowed to make changes to iptables - dockerdCIS Docker v1.6.0 L1 Docker LinuxUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL

2.7 Ensure remote access capabilities for the User-ID service account are forbidden.CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL

2.7 Ensure remote access capabilities for the User-ID service account are forbidden.CIS Palo Alto Firewall 10 v1.2.0 L1Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.7 Ensure remote access capabilities for the User-ID service account are forbidden.CIS Palo Alto Firewall 9 v1.1.0 L1Palo_Alto

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.14 Ensure containers are restricted from acquiring new privilegesCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

3.4 Ensure that Cassandra is run using a non-privileged, dedicated service accountCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

3.15 Ensure that the Docker socket file ownership is set to root:dockerCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

3.15 Ensure that the Docker socket file ownership is set to root:dockerCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

4.1.10 If the kubelet config.yaml configuration file is being used validate file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 WorkerUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.1 Ensure sudo is installedCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.1 Ensure sudo is installedCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Ensure sudo commands use ptyCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Ensure sudo commands use ptyCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Ensure sudo commands use ptyCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Minimize the admission of privileged containersCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.24 Benchmark v1.0.0 L2 MasterUnix

ACCESS CONTROL

6.9.3 Ensure SSH Key Authentication is not set for Root LoginCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.10.1.5 Ensure Remote Root-Login is denied via SSHCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION