Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4.1.6 Ensure 'Local Machine Zone Lockdown Security' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

1.1.4.1.8 Ensure 'Navigate URL' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.4.1.14 Ensure 'Scripted Window Security Restrictions' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.1 Ensure 'Enable Automatic Updates' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5.9 Ensure that a unique Certificate Authority is used for etcdCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
2.1.1.3.2.1.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.2 Alter the Advertised server.number StringCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.2.2.1 Ensure 'Do not show data extraction options when opening corrupt workbooks' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.5.1.1 Ensure 'Internet and network paths as hyperlinks' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.1.3 Ensure 'Don't allow Dynamic Data Exchange (DDE) server lookup in Excel' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.2.5 Ensure 'Excel 3 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.3.6 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.11 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.11.8.7.2.1.2 Ensure 'Word 2 and earlier binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.1.4 Ensure 'Word 2003 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.2.2 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.11.8.7.2.2.5 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.11.8.7.2.3.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.11.8.7.2.8 Ensure 'Scan encrypted macros in Word Open XML Documents' to 'Enabled: Scan encrypted macros (default)'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.9 Ensure 'Trust access to Visual Basic Project' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.11.8.7.2.10 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.3 Ensure 'Make hidden markup visible' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

3.1.3 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.1.7 Ensure that the --profiling argument is set to falseCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

3.1.13 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriateCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.1.15 Ensure that the --token-auth-file parameter is not setCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.2 Disable the Shutdown portCIS Apache Tomcat 9 L2 v1.2.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

4.4 Restrict access to Tomcat logs directoryCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.9 Restrict access to Tomcat catalina.policyCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.10 Restrict access to Tomcat context.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.12 Restrict access to Tomcat server.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to trueCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

8.1 Restrict runtime access to sensitive packagesCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryCIS Apache Tomcat 9 L1 v1.2.0Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.13 Do not run applications as privilegedCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL

Check if API Server is runningCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix
Check if Controller Manager is runningCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
Check if Federation Controller Manager is runningCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix
Check if kubectl existsCIS Kubernetes 1.8 Benchmark v1.2.0 L2Unix
Check if kubelet is enabledCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix
Check if Scheduler is runningCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix