Item Search

NameAudit NamePluginCategory
1.1 Ensure a separate user and group exist for Cassandra - groupCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - groupCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - passwdCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - user exists in groupCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1.2 Ensure that the API server pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.1.14 Ensure that the admin.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.2.15 Ensure that the admission control plugin PodSecurityPolicy is setCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.2.16 Ensure that the admission control plugin PodSecurityPolicy is setCIS Kubernetes Benchmark v1.5.1 L1Unix

ACCESS CONTROL

1.2.17 Ensure that the admission control plugin NodeRestriction is setCIS Kubernetes Benchmark v1.5.1 L1Unix

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Red Hat EL7 Server L1 v3.0.1Unix

CONFIGURATION MANAGEMENT

1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriateCIS Kubernetes Benchmark v1.5.1 L1Unix

CONFIGURATION MANAGEMENT

1.3.2 Ensure that the --profiling argument is set to falseCIS Kubernetes Benchmark v1.5.1 L1Unix

CONFIGURATION MANAGEMENT

1.3.3 Ensure that the --use-service-account-credentials argument is set to trueCIS Kubernetes Benchmark v1.5.1 L1Unix

ACCESS CONTROL

1.4.1 Ensure that the --profiling argument is set to falseCIS Kubernetes Benchmark v1.5.1 L1Unix

CONFIGURATION MANAGEMENT

1.5 Ensure the Cassandra service is run as a non-root userCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.6 Ensure that the --peer-auto-tls argument is not set to trueCIS Kubernetes Benchmark v1.5.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 WorkerUnix

CONFIGURATION MANAGEMENT

4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 WorkerUnix

CONFIGURATION MANAGEMENT

4.1.10 Ensure that the kubelet --config configuration file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.0 L1 WorkerUnix

CONFIGURATION MANAGEMENT

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.4 Ensure excessive DML privileges are revokedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

4.4 Ensure excessive function privileges are revokedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

4.5 Ensure excessive DML privileges are revokedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.2.1 Minimize the admission of privileged containersCIS Kubernetes v1.20 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.6 Ensure 'User' Runtime Parameters are ConfiguredCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

7.1 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

7.2 Ensure a replication-only user is created and used for streaming replicationCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

Ensure authentication required for single user modeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL