Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Keep ESXi system properly patchedCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
1.2 Ensure the container host has been HardenedCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

CONFIGURATION MANAGEMENT

1.2 Harden the container hostCIS Docker 1.13.0 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.3 Harden the container hostCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.3 Harden the container hostCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

1.4 Harden the container hostCIS Docker 1.6 v1.0.0 L1 LinuxUnix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.5 Disable client facing Stack Traces - check for defined exception typeCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

4.2 Restrict access to $CATALINA_BASECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.12 Restrict access to Tomcat server.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2 Use LockOut RealmsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

6.1 Setup Client-cert AuthenticationCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

6.3 Ensure scheme is set accuratelyCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.6 Ensure directory in logging.properties is a secure location - check log directory locationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.5 Rename the manager application - host-manager/manager.xmlCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.7 Turn off session facade recyclingCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASHCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.12 Do not allow symbolic linkingCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

10.17 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

18.10.9.1.3 (L1) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

IDENTIFICATION AND AUTHENTICATION

18.10.9.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

IDENTIFICATION AND AUTHENTICATION

18.10.9.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

MEDIA PROTECTION

18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

IDENTIFICATION AND AUTHENTICATION

18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

IDENTIFICATION AND AUTHENTICATION

18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION

18.10.10.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 11 Enterprise v4.0.0 BitLockerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

IDENTIFICATION AND AUTHENTICATION

CIS_AlmaLinux_OS_8_Server_L2_v3.0.0.audit from CIS AlmaLinux OS 8 Benchmark v3.0.0CIS AlmaLinux OS 8 Server L2 v3.0.0Unix
CIS_AlmaLinux_OS_8_Workstation_L2_v3.0.0.audit from CIS AlmaLinux OS 8 Benchmark v3.0.0CIS AlmaLinux OS 8 Workstation L2 v3.0.0Unix
CIS_Amazon_Linux_2_v3.0.0_L1.audit from CIS Amazon Linux 2 Benchmark v3.0.0CIS Amazon Linux 2 v3.0.0 L1Unix
CIS_Amazon_Linux_2_v3.0.0_L2.audit from CIS Amazon Linux 2 Benchmark v3.0.0CIS Amazon Linux 2 v3.0.0 L2Unix
CIS_Apache_Tomcat_11_v1.0.0_L2.audit from CIS Apache Tomcat 11 Benchmark v1.0.0CIS Apache Tomcat 11 v1.0.0 L2Unix
CIS_IBM_WebSphere_Liberty_v1.0.0_L2.audit from CIS IBM WebSphere Liberty Benchmark v1.0.0CIS IBM WebSphere Liberty v1.0.0 L2Unix
CIS_Microsoft_SharePoint_2016_OS_v1.1.0_Level_1.audit from CIS Microsoft SharePoint 2016 Benchmark v1.1.0CIS Microsoft SharePoint 2016 OS v1.1.0Windows
CIS_Mozilla_Firefox_38_ESR_v1.0.0_Windows_Level1.audit for CIS Mozilla Firefox 38 ESR v1.0.0CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0Windows
CIS_Mozilla_Firefox_102_ESR_v1.0.0_Windows_Level1.audit for CIS Mozilla Firefox 102 ESR v1.0.0CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0Windows
CIS_MySQL_8.0_Community_Benchmark_v1.1.0_Level_1_Database.audit from CIS Oracle MySQL 8.0 Community Edition BenchmarkCIS MySQL 8.0 Community Database L1 v1.1.0MySQLDB
CIS_MySQL_8.0_Community_Benchmark_v1.1.0_Level_2_Database.audit from CIS Oracle MySQL 8.0 Community Edition BenchmarkCIS MySQL 8.0 Community Database L2 v1.1.0MySQLDB
CIS_MySQL_8.4_Community_Benchmark_v1.0.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.4 Community Edition BenchmarkCIS Oracle MySQL Community Server 8.4 v1.0.0 L2 OS LinuxUnix
CIS_MySQL_8.4_Enterprise_Benchmark_v1.0.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.4 Enterprise Edition BenchmarkCIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL OS LinuxUnix
CIS_SUSE_Linux_Enterprise_12_v3.2.0_L1_Workstation.audit from CIS SUSE Linux Enterprise 12 Benchmark v3.2.0CIS SUSE Linux Enterprise 12 v3.2.0 L1 WorkstationUnix
CIS_SUSE_Linux_Enterprise_15_v2.0.0_L1_Server.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.0CIS SUSE Linux Enterprise 15 v2.0.0 L1 ServerUnix
CIS_SUSE_Linux_Enterprise_15_v2.0.0_L2_Workstation.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.0CIS SUSE Linux Enterprise 15 v2.0.0 L2 WorkstationUnix
CIS_Ubuntu_Linux_18.04_LTS_v2.2.0_L1_Workstation.audit from CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix
CIS_Ubuntu_Linux_18.04_LTS_v2.2.0_L2_Workstation.audit from CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix
CIS_Ubuntu_Linux_22.04_LTS_v2.0.0_L1_Workstation.audit from CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix
VCTR-67-000077 - The vCenter Server must enable TLS 1.2 exclusively.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT