Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.6.1.1 Ensure SELinux is not disabled in bootloader configurationCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - 'enforcing'CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.6.1.1 Ensure SELinux is not disabled in bootloader configuration -'selinux'CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.7.1.2 Ensure AppArmor is enabled in the bootloader configuration - apparmorCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure all AppArmor Profiles are enforcing - unconfinedCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

ACCESS CONTROL

2.1 Ensure the file permissions mask is correctCIS PostgreSQL 11 OS v1.0.0Unix

ACCESS CONTROL

2.1 Ensure the file permissions mask is correctCIS PostgreSQL 9.5 OS v1.1.0Unix

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/groupsCIS PostgreSQL 9.5 OS v1.1.0Unix

ACCESS CONTROL

2.2.3 Ensure 'GLOBAL_NAMES' Is Set to 'TRUE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

2.2.15 Ensure '_trace_files_public' Is Set to 'FALSE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

2.2.16 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

2.2.17 Ensure '_trace_files_public' Is Set to 'FALSE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

3.1 Set User/Group Owner on bootloader configCIS Ubuntu 12.04 LTS Benchmark L1 v1.0.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.6 Ensure the log file permissions are set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

3.1.6 Ensure the log file permissions are set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

4.6 Ensure Row Level Security (RLS) is configured correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' PackagesCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages - Encryption PackagesCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' TablesCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

5.1.8 Ensure at/cron is restricted to authorized users - '/etc/cron.allow'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.12 Ensure 'CREATE ANY LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.14 Ensure 'GRANT ANY OBJECT PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.1 Ensure 'DELETE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.3 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.3.4 Ensure 'DBA' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/profile'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.dCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

6.1.5 Set User/Group Owner and Permission on /etc/cron.hourlyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.1.6 Set User/Group Owner and Permission on /etc/cron.dailyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.1.10 Ensure no world writable files existCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

ACCESS CONTROL

6.1.10 Restrict at/cron to Authorized Users - cron.allowCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.2.6 Ensure root is the only UID 0 accountCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

9.1.5 Verify Permissions on /etc/groupCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

13.8 Check User Dot File PermissionsCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

ACCESS CONTROL