Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerCIS Docker v1.6.0 L2 Docker LinuxUnix

AUDIT AND ACCOUNTABILITY

1.2.4 Ensure auditing is configured for Docker files and directories - /var/lib/dockerCIS Docker v1.2.0 L2 Linux Host OSUnix

AUDIT AND ACCOUNTABILITY

1.3 Ensure Docker is up to dateCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

SYSTEM AND INFORMATION INTEGRITY

1.5 Keep Docker up to dateCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.6 Ensure auditing is configured for Docker files and directories - /var/lib/dockerCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

AUDIT AND ACCOUNTABILITY

1.9 Audit Docker files and directories - /etc/dockerCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.9 Audit Docker files and directories - /var/lib/dockerCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - /etc/default/dockerCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /etc/docker/daemon.jsonCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /var/run/docker.sockCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.14 Audit Docker files and directories - /etc/sysconfig/dockerCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.15 Audit Docker files and directories - /etc/sysconfig/docker-networkCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

2.5 Do not use the aufs storage driverCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.5 Do not use the aufs storage driverCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.6 Configure TLS authentication for Docker daemon --tlskeyCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Configure TLS authentication for Docker daemon --tlscacertCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlscacertCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlskeyCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured --tlsverifyCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6 Ensure TLS authentication for Docker daemon is configured - tlsverifyCIS Docker v1.2.0 L1 Docker LinuxUnix
2.7 Ensure TLS authentication for Docker daemon is configured - tlscacertCIS Docker v1.3.1 L1 Docker LinuxUnix
2.7 Ensure TLS authentication for Docker daemon is configured - tlscacertCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.7 Ensure TLS authentication for Docker daemon is configured - tlskeyCIS Docker v1.5.0 L1 Docker LinuxUnix
2.7 Ensure TLS authentication for Docker daemon is configured - tlsverifyCIS Docker v1.5.0 L1 Docker LinuxUnix
2.11 Use authorization pluginCIS Docker 1.12.0 v1.0.0 L2 DockerUnix

IDENTIFICATION AND AUTHENTICATION

3.9 Verify that docker-network environment file ownership is set to root:rootCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.11 Verify that docker-registry environment file ownership is set to root:rootCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.12 Verify that docker-registry environment file permissions are set to 644 or more restrictiveCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.14 Ensure that Docker server certificate key file permissions are set to 400CIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.14 Verify that Docker server certificate key file permissions are set to 400CIS Docker 1.13.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.14 Verify that Docker server certificate key file permissions are set to 400CIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.14 Verify that Docker server certificate key file permissions are set to 400CIS Docker 1.12.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.15 Ensure that the Docker socket file ownership is set to root:dockerCIS Docker v1.5.0 L1 Docker LinuxUnix
3.16 Ensure that the Docker socket file permissions are set to 660 or more restrictivelyCIS Docker v1.5.0 L1 Docker LinuxUnix
3.16 Ensure that the Docker socket file permissions are set to 660 or more restrictivelyCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

3.16 Ensure that the Docker socket file permissions are set to 660 or more restrictivelyCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL, MEDIA PROTECTION

3.16 Verify that Docker socket file permissions are set to 660 or more restrictiveCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.24 Verify that Docker server certificate key file permissions are set to 400CIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.26 Verify that Docker socket file permissions are set to 660 or more restrictiveCIS Docker 1.6 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

5.31 Ensure that the Docker socket is not mounted inside any containersCIS Docker v1.2.0 L1 Docker LinuxUnix

AUDIT AND ACCOUNTABILITY

7.1 Ensure swarm mode is not Enabled, if not neededCIS Docker v1.5.0 L1 Docker LinuxUnix
DKER-EE-002080 - Docker Enterprise exec commands must not be used with privileged option.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-003590 - Content Trust enforcement must be enabled in Universal Control Plane (UCP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1Unix

CONFIGURATION MANAGEMENT

DKER-EE-003610 - Only trusted, signed images must be on Universal Control Plane (UCP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-003610 - Only trusted, signed images must be on Universal Control Plane (UCP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-003610 - Only trusted, signed images must be on Universal Control Plane (UCP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v1r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-005290 - Docker Enterprise server certificate key file ownership must be set to root:root.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-005290 - Docker Enterprise server certificate key file ownership must be set to root:root.DISA STIG Docker Enterprise 2.x Linux/Unix v1r1Unix

CONFIGURATION MANAGEMENT

DKER-EE-005290 - Docker Enterprise server certificate key file ownership must be set to root:root.DISA STIG Docker Enterprise 2.x Linux/Unix v2r1Unix

CONFIGURATION MANAGEMENT

DKER-EE-005320 - Docker Enterprise socket file permissions must be set to 660 or more restrictive.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT