Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobeCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.5 Ensure nosuid option set on /tmp partitionCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.6 Ensure noexec option set on /tmp partitionCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.1.9 Disable AutomountingCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

MEDIA PROTECTION

1.1.9 Disable AutomountingCIS CentOS Linux 8 Server L1 v2.0.0Unix

MEDIA PROTECTION

1.1.9 Disable AutomountingCIS Debian 10 Server L1 v2.0.0Unix

MEDIA PROTECTION

1.1.9 Ensure autofs is not installed or the autofs service is disabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

MEDIA PROTECTION

1.1.20 Disable AutomountingCIS Amazon Linux 2 STIG v1.0.0 L1Unix

MEDIA PROTECTION

1.3.5 Ensure AIDE is configured to use FIPS 140-2 - installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.7.1.2 Ensure local login warning banner is configured properly - msrvCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.7.1.3 Ensure remote login warning banner is configured properly - banner_checkCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

1.8 Ensure updates, patches, and additional security software are installedCIS Amazon Linux 2 STIG v1.0.0 L1Unix

SYSTEM AND INFORMATION INTEGRITY

1.8.5 Ensure automatic mounting of removable media is disabledCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

MEDIA PROTECTION

1.13.2.1.4 Ensure 'Promote Level 2 errors as errors, not warnings' is set to DisabledCIS Microsoft Office Outlook 2016 v1.1.0 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

1.27 Set 'Remove file extensions blocked as Level 2' to 'Disabled'CIS MS Office Outlook 2010 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.6 Ensure DHCP Server is not enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.7 Ensure LDAP server is not enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.21 Ensure tftp server is not enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.23 Ensure talk server is not enabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.14 Set 'Promote Level 2 errors as errors, not warnings' to 'Disabled'CIS MS Office Outlook 2010 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.1.1 Ensure IP forwarding is disabled - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.ip_forward = 0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.all.forwarding = 0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.default.accept_source_route = 0CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

3.7.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'CIS Microsoft Intune for Windows 10 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.16 Ensure only FIPS 140-2 ciphers are used for SSHCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 9.5 OS v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 12 OS v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

MEDIA PROTECTION

18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v3.0.0 BLWindows

MEDIA PROTECTION

18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

MEDIA PROTECTION

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

DTOO245 - Level 2 file extensions must be blocked and not removed.DISA STIG Microsoft Outlook 2013 v1r13Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office Open XML filesMSCT M365 Apps for enterprise 2312 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000290-2 - The system must not have the unnecessary 'news' account.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

Login: ssh - v2 and later is enabledTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures.DISA STIG Solaris 11 SPARC v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures.DISA STIG Solaris 11 X86 v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VM : disable-unexposed-features-autologonVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

VM : disable-unexposed-features-autologonVMWare vSphere 6.5 Hardening GuideVMware

ACCESS CONTROL

VM : disable-unexposed-features-biosbbsVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

VM : disable-unexposed-features-getcredsVMWare vSphere 6.0 Hardening GuideVMware

CONFIGURATION MANAGEMENT

WN10-00-000060 - Non system-created file shares on a system must limit access to groups that require it.DISA Windows 10 STIG v3r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-00-000060 - Non-system-created file shares on a system must limit access to groups that require it.DISA Windows 11 STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WPAW-00-001000 - The Windows PAW must be configured so that all non-administrative-related applications and functions are blocked or removed from the PAW platform, including but not limited to email, Internet browsing, and line-of-business applications.DISA MS Windows Privileged Access Workstation v3r1Windows

CONFIGURATION MANAGEMENT