Item Search

Name	Audit Name	Plugin	Category
1.1.10 Ensure separate partition exists for /var	CIS Amazon Linux 2 STIG v2.0.0 L2 Server	Unix	CONFIGURATION MANAGEMENT
1.1.11 Ensure separate partition exists for /var/tmp	CIS Amazon Linux 2 STIG v2.0.0 L2 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION
1.41 OL08-00-010291	CIS Oracle Linux 8 STIG v1.0.0 CAT II	Unix	MAINTENANCE
1.174 RHEL-09-252035	CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II	Unix	CONFIGURATION MANAGEMENT
2.1.30 Ensure the krb5-server package has not been installed on the system	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG	Unix	CONFIGURATION MANAGEMENT
2.4 Password Security - 'security.passwd.rules.minimum.alphabetic = 2'	TNS NetApp Data ONTAP 7G	NetApp	IDENTIFICATION AND AUTHENTICATION
2.20 Disable Mounting of jffs2 Filesystems	CIS Debian Linux 7 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.11 Verify that Docker server certificate file ownership is set to root:root	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
3.13 Verify that Docker server certificate key file ownership is set to root:root	CIS Docker 1.11.0 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
3.13 Verify that Docker server certificate key file ownership is set to root:root	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
3.14 Verify that Docker server certificate key file permissions are set to 400	CIS Docker 1.11.0 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
3.14 Verify that Docker server certificate key file permissions are set to 400	CIS Docker 1.12.0 v1.0.0 L1 Docker	Unix	CONFIGURATION MANAGEMENT
4.1.1.1 Ensure auditd is installed	CIS Amazon Linux 2 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.3 Ensure session initiation information is collected	CIS Amazon Linux 2 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.7 Ensure kernel module loading and unloading is collected	CIS Amazon Linux 2 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.8 Ensure changes to system administration scope (sudoers) is collected	CIS Amazon Linux 2 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY, MAINTENANCE
5.1.29 Ensure the SSH server is configured to use only ciphers employing FIPS 140-2-approved algorithms	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.4 CIFS - 'cifs.restrict_anonymous = 2'	TNS NetApp Data ONTAP 7G	NetApp	ACCESS CONTROL
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection.	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista	IDENTIFICATION AND AUTHENTICATION
ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection.	DISA STIG Arista MLS EOS 4.x L2S v2r3	Arista	IDENTIFICATION AND AUTHENTICATION
ARST-L2-000110 - The Arista MLS layer 2 switch must have Dynamic Address Resolution Protocol (ARP) Inspection (DAI) enabled on all user VLANs.	DISA STIG Arista MLS EOS 4.x L2S v2r3	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
ARST-L2-000150 - The Arista MLS layer 2 switch must enable Unidirectional Link Detection (UDLD) to protect against one-way connections.	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista	CONFIGURATION MANAGEMENT
ARST-L2-000180 - The Arista MLS layer 2 switch must not have the default VLAN assigned to any host-facing switch ports.	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
ARST-L2-000180 - The Arista MLS layer 2 switch must not have the default VLAN assigned to any host-facing switch ports.	DISA STIG Arista MLS EOS 4.x L2S v2r3	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
ARST-L2-000210 - The Arista MLS layer 2 switch must have all user-facing or untrusted ports configured as access switch ports.	DISA STIG Arista MLS EOS 4.x L2S v2r3	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
ARST-L2-000210 - The Arista MLS layer 2 switch must have all user-facing or untrusted ports configured as access switch ports.	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
EP11-00-008700 - The EDB Postgres Advanced Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.	EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4	Windows	CONFIGURATION MANAGEMENT
GEN000242 - The system must use at least two time sources for clock synchronization - service ntp server 2	DISA STIG Solaris 10 X86 v2r4	Unix	AUDIT AND ACCOUNTABILITY
JUEX-NM-000430 - The Juniper EX switch must be configured to synchronize internal information system clocks using redundant authoritative time sources.	DISA Juniper EX Series Network Device Management v2r3	Juniper	AUDIT AND ACCOUNTABILITY
OH12-1X-000320 - OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000321 - OHS must have the SSLFIPS directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000323 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
PPS9-00-008700 - The EDB Postgres Advanced Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.	EDB PostgreSQL Advanced Server OS Linux Audit v2r3	Unix	CONFIGURATION MANAGEMENT
RHEL-09-252035 - RHEL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured.	DISA Red Hat Enterprise Linux 9 STIG v2r5	Unix	CONFIGURATION MANAGEMENT
Salesforce.com : Email Services - 'AddressInactiveAction != 2'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
Salesforce.com : Email Services - 'AuthorizationFailureAction != 2'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	CONFIGURATION MANAGEMENT
VCFL-67-000005 - vSphere Client must be configured with FIPS 140-2 compliant ciphers for HTTPS connections.	DISA STIG VMware vSphere 6.7 Virgo Client v1r2	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
VCLD-67-000002 - VAMI must be configured with FIPS 140-2 compliant ciphers for HTTPS connections.	DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
VCLD-70-000002 - VAMI must be configured with FIPS 140-2 compliant ciphers for HTTPS connections.	DISA STIG VMware vSphere 7.0 VAMI v1r2	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search